6 files changed, 420 insertions, 0 deletions
diff --git a/debian/patches/01_set-default-path.patch b/debian/patches/01_set-default-path.patch
new file mode 100644
index 0000000..1a3cfdf
--- /dev/null
+++ b/debian/patches/01_set-default-path.patch
@@ -0,0 +1,32 @@
+Author: Yves-Alexis Perez <corsac@debian.org>
+Author: Lionel Le Folgoc <mrpouit@gmail.com>
+Bug: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/798277
+Description: Fix default PATH environment variable
+--- a/src/seat.c
++++ b/src/seat.c
+@@ -274,7 +274,10 @@ run_script (Seat *seat, DisplayServer *d
+         process_set_env (script, "PATH", g_getenv ("PATH"));
+     }
+     else
+-        process_set_env (script, "PATH", "/usr/local/bin:/usr/bin:/bin");
++        if (user_get_uid (user) == 0)
++          process_set_env (script, "PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin");
++        else
++          process_set_env (script, "PATH", "/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games");
+ 
+     if (user)
+     {
+--- a/src/session-child.c
++++ b/src/session-child.c
+@@ -354,7 +354,10 @@ session_child_run (int argc, char **argv
+         else
+         {
+             /* Set POSIX variables */
+-            pam_putenv (pam_handle, "PATH=/usr/local/bin:/usr/bin:/bin");
++            if (user_get_uid (user) == 0)
++              pam_putenv (pam_handle, "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin");
++            else
++              pam_putenv (pam_handle, "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games");
+             pam_putenv (pam_handle, g_strdup_printf ("USER=%s", username));
+             pam_putenv (pam_handle, g_strdup_printf ("LOGNAME=%s", username));
+             pam_putenv (pam_handle, g_strdup_printf ("HOME=%s", user_get_home_directory (user)));
diff --git a/debian/patches/02_fix-apparmor-profile.patch b/debian/patches/02_fix-apparmor-profile.patch
new file mode 100644
index 0000000..8223f8c
--- /dev/null
+++ b/debian/patches/02_fix-apparmor-profile.patch
@@ -0,0 +1,44 @@
+--- a/data/apparmor/abstractions/lightdm
++++ b/data/apparmor/abstractions/lightdm
+@@ -11,7 +11,6 @@
+   #include <abstractions/cups-client>
+   #include <abstractions/dbus>
+   #include <abstractions/dbus-session>
+-  #include <abstractions/dbus-accessibility>
+   #include <abstractions/nameservice>
+   #include <abstractions/wutmp>
+   /etc/compizconfig/config rw, # bug in compiz https://launchpad.net/bugs/697678
+@@ -74,10 +73,11 @@
+   capability ipc_lock,
+ 
+   # allow processes in the guest session to signal and ptrace each other
+-  signal peer=@{profile_name},
+-  ptrace peer=@{profile_name},
+-  # needed when logging out of the guest session
+-  signal (receive) peer=unconfined,
++  # this doesn't work with the current Debian apparmor
++  #signal peer=@{profile_name},
++  #ptrace peer=@{profile_name},
++  ## needed when logging out of the guest session
++  #signal (receive) peer=unconfined,
+ 
+   # silence warnings for stuff that we really don't want to grant
+   deny capability dac_override,
+--- a/data/apparmor/abstractions/lightdm_chromium-browser
++++ b/data/apparmor/abstractions/lightdm_chromium-browser
+@@ -8,6 +8,7 @@
+ # provided in abstractions/lightdm, this abstraction must be separate from
+ # abstractions/lightdm.
+ 
++  /usr/lib/chromium/chromium Cx -> chromium,
+   /usr/lib/chromium-browser/chromium-browser Cx -> chromium,
+   /usr/bin/webapp-container Cx -> chromium,
+   /usr/bin/webbrowser-app Cx -> chromium,
+@@ -53,6 +54,7 @@
+ 
+     /selinux/ r,
+ 
++    /usr/lib/chromium/chrome-sandbox ix,
+     /usr/lib/chromium-browser/chromium-browser-sandbox ix,
+     /usr/lib/@{multiarch}/oxide-qt/chrome-sandbox ix,
+     /opt/google/chrome-*/chrome-sandbox ix,
diff --git a/debian/patches/03_use-desktopnames-properties.patch b/debian/patches/03_use-desktopnames-properties.patch
new file mode 100644
index 0000000..29c6db5
--- /dev/null
+++ b/debian/patches/03_use-desktopnames-properties.patch
@@ -0,0 +1,201 @@
+--- lightdm/src/seat.c	2014-09-30 03:33:38 +0000
++++ lightdm/src/seat.c	2014-10-20 14:28:16 +0000
+@@ -848,14 +848,19 @@
+ static void
+ configure_session (Session *session, SessionConfig *config, const gchar *session_name, const gchar *language)
+ {
+-    const gchar *desktop_name;
++    gchar **desktop_names;
+ 
+     session_set_config (session, config);
+     session_set_env (session, "DESKTOP_SESSION", session_name);
+     session_set_env (session, "GDMSESSION", session_name);
+-    desktop_name = session_config_get_desktop_name (config);
+-    if (desktop_name)
+-        session_set_env (session, "XDG_CURRENT_DESKTOP", desktop_name);
++    desktop_names = session_config_get_desktop_names (config);
++    if (desktop_names)
++    {
++        gchar *value;
++        value = g_strjoinv (":", desktop_names);
++        session_set_env (session, "XDG_CURRENT_DESKTOP", value);
++        g_free (value);
++    }
+     if (language && language[0] != '\0')
+     {
+         session_set_env (session, "LANG", language);
+
+--- lightdm/src/session-config.c	2014-09-12 00:04:28 +0000
++++ lightdm/src/session-config.c	2014-10-20 14:28:16 +0000
+@@ -16,8 +16,8 @@
+     /* Session type */
+     gchar *session_type;
+ 
+-    /* Desktop name */
+-    gchar *desktop_name;
++    /* Desktop names */
++    gchar **desktop_names;
+ 
+     /* Command to run */
+     gchar *command;
+@@ -53,7 +53,20 @@
+     config->priv->session_type = g_key_file_get_string (desktop_file, G_KEY_FILE_DESKTOP_GROUP, "X-LightDM-Session-Type", NULL);
+     if (!config->priv->session_type)
+         config->priv->session_type = g_strdup ("x");
+-    config->priv->desktop_name = g_key_file_get_string (desktop_file, G_KEY_FILE_DESKTOP_GROUP, "X-LightDM-DesktopName", NULL);
++
++    config->priv->desktop_names = g_key_file_get_string_list (desktop_file, G_KEY_FILE_DESKTOP_GROUP, "DesktopNames", NULL, NULL);
++    if (!config->priv->desktop_names)
++    {
++        gchar *name;
++
++        name = g_key_file_get_string (desktop_file, G_KEY_FILE_DESKTOP_GROUP, "X-LightDM-DesktopName", NULL);
++        if (name)
++        {
++            config->priv->desktop_names = g_malloc (sizeof (gchar *) * 2);
++            config->priv->desktop_names[0] = name;
++            config->priv->desktop_names[1] = NULL;
++        }
++    }
+     config->priv->compositor_command = g_key_file_get_string (desktop_file, G_KEY_FILE_DESKTOP_GROUP, "X-LightDM-System-Compositor-Command", NULL);
+ 
+     g_key_file_free (desktop_file);
+@@ -75,11 +88,11 @@
+     return config->priv->session_type;
+ }
+ 
+-const gchar *
+-session_config_get_desktop_name (SessionConfig *config)
++gchar **
++session_config_get_desktop_names (SessionConfig *config)
+ {
+     g_return_val_if_fail (config != NULL, NULL);
+-    return config->priv->desktop_name;
++    return config->priv->desktop_names;
+ }
+ 
+ const gchar *
+@@ -101,7 +114,7 @@
+     SessionConfig *self = SESSION_CONFIG (object);
+ 
+     g_free (self->priv->session_type);
+-    g_free (self->priv->desktop_name);
++    g_strfreev (self->priv->desktop_names);
+     g_free (self->priv->command);
+     g_free (self->priv->compositor_command);
+ 
+
+--- lightdm/src/session-config.h	2014-09-12 00:04:28 +0000
++++ lightdm/src/session-config.h	2014-10-20 14:28:16 +0000
+@@ -42,7 +42,7 @@
+ 
+ const gchar *session_config_get_session_type (SessionConfig *config);
+ 
+-const gchar *session_config_get_desktop_name (SessionConfig *config);
++gchar **session_config_get_desktop_names (SessionConfig *config);
+ 
+ const gchar *session_config_get_compositor_command (SessionConfig *config);
+ 
+
+--- lightdm/tests/Makefile.am	2014-09-30 03:33:38 +0000
++++ lightdm/tests/Makefile.am	2014-10-20 14:28:16 +0000
+@@ -56,6 +56,7 @@
+ 	test-login-guest-session-config \
+ 	test-group-membership \
+ 	test-xdg-current-desktop \
++	test-xdg-current-desktop-legacy \
+ 	test-xdg-seat \
+ 	test-language-env \
+ 	test-session-stdout \
+@@ -339,6 +340,7 @@
+ 	data/sessions/mir.desktop \
+ 	data/sessions/mir-container.desktop \
+ 	data/sessions/named.desktop \
++	data/sessions/named-legacy.desktop \
+ 	data/sessions/surfaceflinger.desktop \
+ 	scripts/0-additional.conf \
+ 	scripts/1-additional.conf \
+@@ -543,6 +545,7 @@
+ 	scripts/vnc-open-file-descriptors.conf \
+ 	scripts/xauthority.conf \
+ 	scripts/xdg-current-desktop.conf \
++	scripts/xdg-current-desktop-legacy.conf \
+ 	scripts/xdg-seat.conf \
+ 	scripts/xdmcp-client.conf \
+ 	scripts/xdmcp-server-login.conf \
+
+=== added file 'tests/data/sessions/named-legacy.desktop'
+--- lightdm/tests/data/sessions/named-legacy.desktop	1970-01-01 00:00:00 +0000
++++ lightdm/tests/data/sessions/named-legacy.desktop	2014-10-20 14:28:16 +0000
+@@ -0,0 +1,5 @@
++[Desktop Entry]
++Name=Test Session
++Comment=LightDM test session
++Exec=test-session
++X-LightDM-DesktopName=TestDesktop
+
+=== modified file 'tests/data/sessions/named.desktop'
+--- lightdm/tests/data/sessions/named.desktop	2013-08-19 00:21:19 +0000
++++ lightdm/tests/data/sessions/named.desktop	2014-10-20 14:28:16 +0000
+@@ -2,4 +2,4 @@
+ Name=Test Session
+ Comment=LightDM test session
+ Exec=test-session
+-X-LightDM-DesktopName=TestDesktop
++DesktopNames=TestDesktop1;TestDesktop2;
+
+=== added file 'tests/scripts/xdg-current-desktop-legacy.conf'
+--- lightdm/tests/scripts/xdg-current-desktop-legacy.conf	1970-01-01 00:00:00 +0000
++++ lightdm/tests/scripts/xdg-current-desktop-legacy.conf	2014-10-20 14:28:16 +0000
+@@ -0,0 +1,30 @@
++#
++# Check XDG_CURRENT_DESKTOP is set for sessions that support it using the legacy key name
++#
++
++[SeatDefaults]
++autologin-user=have-password1
++user-session=named-legacy
++
++#?*START-DAEMON
++#?RUNNER DAEMON-START
++
++# X server starts
++#?XSERVER-0 START VT=7 SEAT=seat0
++
++# Daemon connects when X server is ready
++#?*XSERVER-0 INDICATE-READY
++#?XSERVER-0 INDICATE-READY
++#?XSERVER-0 ACCEPT-CONNECT
++
++# Session starts
++#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_CURRENT_DESKTOP=TestDesktop XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=named-legacy USER=have-password1
++#?LOGIN1 ACTIVATE-SESSION SESSION=c0
++#?XSERVER-0 ACCEPT-CONNECT
++#?SESSION-X-0 CONNECT-XSERVER
++
++# Cleanup
++#?*STOP-DAEMON
++#?SESSION-X-0 TERMINATE SIGNAL=15
++#?XSERVER-0 TERMINATE SIGNAL=15
++#?RUNNER DAEMON-EXIT STATUS=0
+
+=== modified file 'tests/scripts/xdg-current-desktop.conf'
+--- lightdm/tests/scripts/xdg-current-desktop.conf	2014-03-17 18:33:02 +0000
++++ lightdm/tests/scripts/xdg-current-desktop.conf	2014-10-20 14:28:16 +0000
+@@ -18,7 +18,7 @@
+ #?XSERVER-0 ACCEPT-CONNECT
+ 
+ # Session starts
+-#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_CURRENT_DESKTOP=TestDesktop XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=named USER=have-password1
++#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_CURRENT_DESKTOP=TestDesktop1:TestDesktop2 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=named USER=have-password1
+ #?LOGIN1 ACTIVATE-SESSION SESSION=c0
+ #?XSERVER-0 ACCEPT-CONNECT
+ #?SESSION-X-0 CONNECT-XSERVER
+
+=== added file 'tests/test-xdg-current-desktop-legacy'
+--- lightdm/tests/test-xdg-current-desktop-legacy	1970-01-01 00:00:00 +0000
++++ lightdm/tests/test-xdg-current-desktop-legacy	2014-10-20 14:28:16 +0000
+@@ -0,0 +1,2 @@
++#!/bin/sh
++./src/dbus-env ./src/test-runner xdg-current-desktop-legacy test-gobject-greeter
+
diff --git a/debian/patches/05_debianize-pam-files.patch b/debian/patches/05_debianize-pam-files.patch
new file mode 100644
index 0000000..b2dd806
--- /dev/null
+++ b/debian/patches/05_debianize-pam-files.patch
@@ -0,0 +1,105 @@
+--- a/data/pam/lightdm
++++ b/data/pam/lightdm
+@@ -1,20 +1,35 @@
+ #%PAM-1.0
+ 
+ # Block login if they are globally disabled
+-auth      required pam_nologin.so
++auth      requisite pam_nologin.so
+ 
+ # Load environment from /etc/environment and ~/.pam_environment
+-auth      required pam_env.so
++auth      required pam_env.so envfile=/etc/default/locale
+ 
+-# Use /etc/passwd and /etc/shadow for passwords
+-auth      required pam_unix.so
++@include common-auth
+ 
+-# Check account is active, change password if required
+-account   required pam_unix.so
++-auth  optional pam_gnome_keyring.so
+ 
+-# Allow password to be changed
+-password  required pam_unix.so
++@include common-account
+ 
+-# Setup session
+-session   required pam_unix.so
+-session   optional pam_systemd.so
++# SELinux needs to be the first session rule. This ensures that any
++# lingering context has been cleared. Without out this it is possible
++# that a module could execute code in the wrong domain.
++# When the module is present, "required" would be sufficient (When SELinux
++# is disabled, this returns success.)
++session  [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
++
++session  required        pam_limits.so
++session  required        pam_loginuid.so
++@include common-session
++
++# SELinux needs to intervene at login time to ensure that the process
++# starts in the proper default security context. Only sessions which are
++# intended to run in the user's context should be run after this.
++session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
++# When the module is present, "required" would be sufficient (When SELinux
++# is disabled, this returns success.)
++
++-session optional        pam_gnome_keyring.so auto_start
++
++@include common-password
+--- a/data/pam/lightdm-greeter
++++ b/data/pam/lightdm-greeter
+@@ -1,7 +1,7 @@
+ #%PAM-1.0
+ 
+ # Load environment from /etc/environment and ~/.pam_environment
+-auth      required pam_env.so
++auth      required pam_env.so envfile=/etc/default/locale
+ 
+ # Always let the greeter start without authentication
+ auth      required pam_permit.so
+--- a/data/pam/lightdm-autologin
++++ b/data/pam/lightdm-autologin
+@@ -1,20 +1,35 @@
+ #%PAM-1.0
+ 
+ # Block login if they are globally disabled
+-auth      required pam_nologin.so
++auth      requisite pam_nologin.so
+ 
+ # Load environment from /etc/environment and ~/.pam_environment
+-auth      required pam_env.so
++auth      required pam_env.so envfile=/etc/default/locale
+ 
+ # Allow access without authentication
+ auth      required pam_permit.so
+ 
+-# Stop autologin if account requires action
+-account   required pam_unix.so
++@include common-account
++
++# SELinux needs to be the first session rule. This ensures that any
++# lingering context has been cleared. Without out this it is possible
++# that a module could execute code in the wrong domain.
++# When the module is present, "required" would be sufficient (When SELinux
++# is disabled, this returns success.)
++session  [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
++
++session  required        pam_limits.so
++session  required        pam_loginuid.so
++@include common-session
++
++# SELinux needs to intervene at login time to ensure that the process
++# starts in the proper default security context. Only sessions which are
++# intended to run in the user's context should be run after this.
++session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
++# When the module is present, "required" would be sufficient (When SELinux
++# is disabled, this returns success.)
+ 
+ # Can't change password
+ password  required pam_deny.so
+ 
+-# Setup session
+-session   required pam_unix.so
+-session   optional pam_systemd.so
++@include common-password
diff --git a/debian/patches/06_change-user-dirs.patch b/debian/patches/06_change-user-dirs.patch
new file mode 100644
index 0000000..ae2f1f0
--- /dev/null
+++ b/debian/patches/06_change-user-dirs.patch
@@ -0,0 +1,33 @@
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -78,7 +78,7 @@ lightdm_CFLAGS = \
+ 	$(LIGHTDM_CFLAGS) \
+ 	-I"$(top_srcdir)/common" \
+ 	-DSBIN_DIR=\"$(sbindir)\" \
+-	-DUSERS_DIR=\"$(localstatedir)/lib/lightdm-data\" \
++	-DUSERS_DIR=\"$(localstatedir)/lib/lightdm/data\" \
+ 	-DLOG_DIR=\"$(localstatedir)/log/lightdm\" \
+ 	-DRUN_DIR=\"$(localstatedir)/run/lightdm\" \
+ 	-DCACHE_DIR=\"$(localstatedir)/cache/lightdm\" \
+--- a/src/Makefile.in
++++ b/src/Makefile.in
+@@ -476,7 +476,7 @@ lightdm_CFLAGS = \
+ 	$(LIGHTDM_CFLAGS) \
+ 	-I"$(top_srcdir)/common" \
+ 	-DSBIN_DIR=\"$(sbindir)\" \
+-	-DUSERS_DIR=\"$(localstatedir)/lib/lightdm-data\" \
++	-DUSERS_DIR=\"$(localstatedir)/lib/lightdm/data\" \
+ 	-DLOG_DIR=\"$(localstatedir)/log/lightdm\" \
+ 	-DRUN_DIR=\"$(localstatedir)/run/lightdm\" \
+ 	-DCACHE_DIR=\"$(localstatedir)/cache/lightdm\" \
+--- a/src/shared-data-manager.c
++++ b/src/shared-data-manager.c
+@@ -99,7 +99,7 @@ shared_data_manager_ensure_user_dir (Sha
+ 
+     g_debug ("Creating shared data directory %s", path);
+ 
+-    result = g_file_make_directory (file, NULL, &error);
++    result = g_file_make_directory_with_parents (file, NULL, &error);
+     if (error)
+     {
+         if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_EXISTS))
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..4d88677
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,5 @@
+01_set-default-path.patch
+02_fix-apparmor-profile.patch
+03_use-desktopnames-properties.patch
+05_debianize-pam-files.patch
+06_change-user-dirs.patch