[packages/gdm.git] / gdm-polkit.patch

From 09153c6825e5b5157fba7600cefabb762d887891 Mon Sep 17 00:00:00 2001
From: Robert Ancell <robert.ancell@ubuntu.com>
Date: Thu, 6 Aug 2009 15:57:15 +0100
Subject: [PATCH 1/2] Add PolicyKit support to GDM settings D-Bus interface
Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/395299
Upstream: http://bugzilla.gnome.org/show_bug.cgi?id=587750

diff -urN gdm-2.29.92/common/gdm-settings.c gdm-2.29.92.new//common/gdm-settings.c
--- gdm-2.29.92/common/gdm-settings.c	2010-03-08 22:53:57.000000000 +0100
+++ gdm-2.29.92.new//common/gdm-settings.c	2010-03-14 21:01:32.864403121 +0100
@@ -36,6 +36,7 @@
 #define DBUS_API_SUBJECT_TO_CHANGE
 #include <dbus/dbus-glib.h>
 #include <dbus/dbus-glib-lowlevel.h>
+#include <polkit/polkit.h>
 
 #include "gdm-settings.h"
 #include "gdm-settings-glue.h"
@@ -110,6 +111,90 @@
         return res;
 }
 
+static void
+unlock_auth_cb (PolkitAuthority *authority,
+                GAsyncResult *result,
+                DBusGMethodInvocation *context)
+{
+        PolkitAuthorizationResult *auth_result;
+        GError  *error = NULL;
+
+        auth_result = polkit_authority_check_authorization_finish (authority, result, &error);
+
+        if (!auth_result)
+                dbus_g_method_return_error (context, error);
+        else {
+                dbus_g_method_return (context,
+                                      polkit_authorization_result_get_is_authorized (auth_result));
+        }
+    
+        if (auth_result)
+                g_object_unref (auth_result);
+        if (error)
+                g_error_free (error);
+}
+
+gboolean
+gdm_settings_unlock (GdmSettings *settings,
+                     DBusGMethodInvocation *context)
+{
+        polkit_authority_check_authorization (polkit_authority_get (),
+                                              polkit_system_bus_name_new (dbus_g_method_get_sender (context)),
+                                              "org.gnome.displaymanager.settings.write",
+                                              NULL,
+                                              POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
+                                              NULL,
+                                              (GAsyncReadyCallback) unlock_auth_cb,
+                                              context);
+}
+
+typedef struct
+{
+        GdmSettings *settings;
+        DBusGMethodInvocation *context;
+        gchar *key, *value;
+} SetValueData;
+
+static void
+set_value_auth_cb (PolkitAuthority *authority,
+                   GAsyncResult *result,
+                   SetValueData *data)
+{
+        PolkitAuthorizationResult *auth_result;
+        GError  *error = NULL;
+
+        auth_result = polkit_authority_check_authorization_finish (authority, result, &error);
+
+        if (!auth_result)
+                dbus_g_method_return_error (data->context, error);
+        else {
+                if (polkit_authorization_result_get_is_authorized (auth_result)) {
+                        gboolean result;
+                    
+                        result = gdm_settings_backend_set_value (data->settings->priv->backend,
+                                                                 data->key,
+                                                                 data->value,
+                                                                 &error);
+                        if (result)
+                                dbus_g_method_return (data->context);
+                        else
+                                dbus_g_method_return_error (data->context, error);
+                }
+                else {
+                        error = g_error_new (DBUS_GERROR_REMOTE_EXCEPTION, 0, "Not authorized");
+                        dbus_g_method_return_error (data->context, error);
+                }
+        }
+    
+        if (auth_result)
+                g_object_unref (auth_result);
+        if (error)
+                g_error_free (error);
+        g_free (data->key);
+        g_free (data->value);
+        g_free (data);
+}
+
 /*
 dbus-send --system --print-reply --dest=org.gnome.DisplayManager /org/gnome/DisplayManager/Settings org.gnome.DisplayManager.Settings.SetValue string:"xdmcp/Enable" string:"false"
 */
@@ -118,26 +203,30 @@
 gdm_settings_set_value (GdmSettings *settings,
                         const char  *key,
                         const char  *value,
-                        GError     **error)
+                        DBusGMethodInvocation *context)
 {
-        GError  *local_error;
-        gboolean res;
-
+        SetValueData *data;
+    
         g_return_val_if_fail (GDM_IS_SETTINGS (settings), FALSE);
         g_return_val_if_fail (key != NULL, FALSE);
 
         g_debug ("Setting value %s", key);
-
-        local_error = NULL;
-        res = gdm_settings_backend_set_value (settings->priv->backend,
-                                              key,
-                                              value,
-                                              &local_error);
-        if (! res) {
-                g_propagate_error (error, local_error);
-        }
-
-        return res;
+    
+        /* Authorize with PolicyKit */
+        data = g_malloc (sizeof(SetValueData));
+        data->settings = settings;
+        data->context = context;
+        data->key = g_strdup(key);
+        data->value = g_strdup(value);    
+        polkit_authority_check_authorization (polkit_authority_get (),
+                                              polkit_system_bus_name_new (dbus_g_method_get_sender (context)),
+                                              "org.gnome.displaymanager.settings.write",
+                                              NULL,
+                                              POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
+                                              NULL,
+                                              (GAsyncReadyCallback) set_value_auth_cb,
+                                              data);
+        return TRUE;
 }
 
 static gboolean
diff -urN gdm-2.29.92/common/gdm-settings.h gdm-2.29.92.new//common/gdm-settings.h
--- gdm-2.29.92/common/gdm-settings.h	2010-03-08 22:53:57.000000000 +0100
+++ gdm-2.29.92.new//common/gdm-settings.h	2010-03-14 21:01:32.864403121 +0100
@@ -23,6 +23,7 @@
 #define __GDM_SETTINGS_H
 
 #include <glib-object.h>
+#include <dbus/dbus-glib.h>
 
 G_BEGIN_DECLS
 
@@ -70,10 +71,12 @@
                                                                  const char  *key,
                                                                  char       **value,
                                                                  GError     **error);
+gboolean            gdm_settings_unlock                         (GdmSettings *settings,
+                                                                 DBusGMethodInvocation *context);
 gboolean            gdm_settings_set_value                      (GdmSettings *settings,
                                                                  const char  *key,
                                                                  const char  *value,
-                                                                 GError     **error);
+                                                                 DBusGMethodInvocation *context);
 
 G_END_DECLS
 
diff -urN gdm-2.29.92/common/gdm-settings.xml gdm-2.29.92.new//common/gdm-settings.xml
--- gdm-2.29.92/common/gdm-settings.xml	2010-03-08 22:53:57.000000000 +0100
+++ gdm-2.29.92.new//common/gdm-settings.xml	2010-03-14 21:01:32.864403121 +0100
@@ -5,7 +5,12 @@
       <arg name="key" direction="in" type="s"/>
       <arg name="value" direction="out" type="s"/>
     </method>
+    <method name="Unlock">
+      <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
+      <arg name="is_unlocked" direction="out" type="b"/>
+    </method>
     <method name="SetValue">
+      <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
       <arg name="key" direction="in" type="s"/>
       <arg name="value" direction="in" type="s"/>
     </method>
diff -urN gdm-2.29.92/common/Makefile.am gdm-2.29.92.new//common/Makefile.am
--- gdm-2.29.92/common/Makefile.am	2010-03-08 22:53:57.000000000 +0100
+++ gdm-2.29.92.new//common/Makefile.am	2010-03-14 21:01:32.867730975 +0100
@@ -110,6 +110,7 @@
 	$(NULL)
 
 libgdmcommon_la_LIBADD =		\
+	$(COMMON_LIBS)			\
 	$(NULL)
 
 libgdmcommon_la_LDFLAGS = 	\
diff -urN gdm-2.29.92/configure.ac gdm-2.29.92.new//configure.ac
--- gdm-2.29.92/configure.ac	2010-03-08 23:09:47.000000000 +0100
+++ gdm-2.29.92.new//configure.ac	2010-03-14 21:03:28.747726327 +0100
@@ -40,6 +40,7 @@
 dnl ---------------------------------------------------------------------------
 
 DBUS_GLIB_REQUIRED_VERSION=0.74
+POLKIT_GOBJECT_REQUIRED_VERSION=0.92
 GLIB_REQUIRED_VERSION=2.27.4
 GTK_REQUIRED_VERSION=2.91.1
 PANGO_REQUIRED_VERSION=1.3.0
@@ -60,6 +61,7 @@
 
 PKG_CHECK_MODULES(COMMON,
         dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
+        polkit-gobject-1 >= $POLKIT_GOBJECT_REQUIRED_VERSION
         gobject-2.0 >= $GLIB_REQUIRED_VERSION
         gio-2.0 >= $GLIB_REQUIRED_VERSION
 )
@@ -68,6 +70,7 @@
 
 PKG_CHECK_MODULES(DAEMON,
         dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
+        polkit-gobject-1 >= $POLKIT_GOBJECT_REQUIRED_VERSION
         gobject-2.0 >= $GLIB_REQUIRED_VERSION
         gio-2.0 >= $GLIB_REQUIRED_VERSION
 )
diff -urN gdm-2.29.92/data/gdm.conf.in gdm-2.29.92.new//data/gdm.conf.in
--- gdm-2.29.92/data/gdm.conf.in	2010-03-08 22:53:57.000000000 +0100
+++ gdm-2.29.92.new//data/gdm.conf.in	2010-03-14 21:01:32.867730975 +0100
@@ -34,8 +34,6 @@
     <deny send_destination="org.gnome.DisplayManager"
           send_interface="org.gnome.DisplayManager.LocalDisplayFactory"/>
     <deny send_destination="org.gnome.DisplayManager"
-          send_interface="org.gnome.DisplayManager.Settings"/>
-    <deny send_destination="org.gnome.DisplayManager"
           send_interface="org.gnome.DisplayManager.Slave"/>
     <deny send_destination="org.gnome.DisplayManager"
           send_interface="org.gnome.DisplayManager.Session"/>
@@ -44,6 +42,10 @@
     <allow send_destination="org.gnome.DisplayManager"
            send_interface="org.freedesktop.DBus.Introspectable"/>
 
+    <!-- Controlled by PolicyKit -->
+    <allow send_destination="org.gnome.DisplayManager"
+           send_interface="org.gnome.DisplayManager.Settings"/>
+
     <allow send_destination="org.gnome.DisplayManager"
            send_interface="org.gnome.DisplayManager.Display"
            send_member="GetId"/>
diff -urN gdm-2.29.92/data/gdm.policy.in gdm-2.29.92.new//data/gdm.policy.in
--- gdm-2.29.92/data/gdm.policy.in	1970-01-01 01:00:00.000000000 +0100
+++ gdm-2.29.92.new//data/gdm.policy.in	2010-03-14 21:01:32.867730975 +0100
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
+<policyconfig>
+  <vendor>The GNOME Project</vendor>
+  <vendor_url>http://www.gnome.org/</vendor_url>
+  <icon_name>gdm</icon_name>
+
+  <action id="org.gnome.displaymanager.settings.write">
+    <description>Change login screen configuration</description>
+    <message>Privileges are required to change the login screen configuration.</message>
+    <defaults>
+      <allow_inactive>no</allow_inactive>
+      <allow_active>auth_admin_keep</allow_active>
+    </defaults>
+  </action>
+</policyconfig>
diff -urN gdm-2.29.92/data/Makefile.am gdm-2.29.92.new//data/Makefile.am
--- gdm-2.29.92/data/Makefile.am	2010-03-08 22:53:57.000000000 +0100
+++ gdm-2.29.92.new//data/Makefile.am	2010-03-14 21:06:01.074377153 +0100
@@ -46,6 +46,8 @@
 schemas_in_files = gdm.schemas.in
 schemas_DATA = $(schemas_in_files:.schemas.in=.schemas)
 
+@INTLTOOL_POLICY_RULE@
+
 gdm.schemas.in: $(srcdir)/gdm.schemas.in.in
 	sed	-e 's,[@]GDMPREFETCHCMD[@],$(GDMPREFETCHCMD),g' \
 		-e 's,[@]GDM_CUSTOM_CONF[@],$(GDM_CUSTOM_CONF),g' \
@@ -78,11 +80,18 @@
 localealiasdir = $(datadir)/gdm
 localealias_DATA = locale.alias
 
+polkitdir = $(datadir)/polkit-1/actions
+polkit_in_files = gdm.policy.in
+polkit_DATA = $(polkit_in_files:.policy.in=.policy)
+check:
+	$(POLKIT_POLICY_FILE_VALIDATE) $(polkit_DATA)
+
 EXTRA_DIST =			\
 	$(schemas_in_files)	\
 	$(schemas_DATA)		\
 	$(dbusconf_in_files)	\
 	$(localealias_DATA)	\
+	$(polkit_in_files)	\
 	gdm.schemas.in.in	\
 	gdm.conf-custom.in 	\
 	Xsession.in 		\
@@ -105,7 +114,8 @@
 	$(NULL)
 
 DISTCLEANFILES =			\
-	$(dbusconf_DATA)			\
+	$(dbusconf_DATA)		\
+	$(polkit_DATA)			\
 	gdm.schemas			\
 	$(NULL)
Commit	Line	Data
6c304bdf PZ	1	From 09153c6825e5b5157fba7600cefabb762d887891 Mon Sep 17 00:00:00 2001
	2	From: Robert Ancell <robert.ancell@ubuntu.com>
	3	Date: Thu, 6 Aug 2009 15:57:15 +0100
	4	Subject: [PATCH 1/2] Add PolicyKit support to GDM settings D-Bus interface
	5	Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/395299
	6	Upstream: http://bugzilla.gnome.org/show_bug.cgi?id=587750
	7
0b2d3fda MB	8	diff -urN gdm-2.29.92/common/gdm-settings.c gdm-2.29.92.new//common/gdm-settings.c
	9	--- gdm-2.29.92/common/gdm-settings.c 2010-03-08 22:53:57.000000000 +0100
	10	+++ gdm-2.29.92.new//common/gdm-settings.c 2010-03-14 21:01:32.864403121 +0100
6c304bdf PZ	11	@@ -36,6 +36,7 @@
	12	#define DBUS_API_SUBJECT_TO_CHANGE
	13	#include <dbus/dbus-glib.h>
	14	#include <dbus/dbus-glib-lowlevel.h>
	15	+#include <polkit/polkit.h>
	16
	17	#include "gdm-settings.h"
	18	#include "gdm-settings-glue.h"
	19	@@ -110,6 +111,90 @@
	20	return res;
	21	}
	22
	23	+static void
	24	+unlock_auth_cb (PolkitAuthority *authority,
	25	+ GAsyncResult *result,
	26	+ DBusGMethodInvocation *context)
	27	+{
	28	+ PolkitAuthorizationResult *auth_result;
	29	+ GError *error = NULL;
	30	+
	31	+ auth_result = polkit_authority_check_authorization_finish (authority, result, &error);
	32	+
	33	+ if (!auth_result)
	34	+ dbus_g_method_return_error (context, error);
	35	+ else {
	36	+ dbus_g_method_return (context,
	37	+ polkit_authorization_result_get_is_authorized (auth_result));
	38	+ }
	39	+
	40	+ if (auth_result)
	41	+ g_object_unref (auth_result);
	42	+ if (error)
	43	+ g_error_free (error);
	44	+}
	45	+
	46	+gboolean
	47	+gdm_settings_unlock (GdmSettings *settings,
	48	+ DBusGMethodInvocation *context)
	49	+{
	50	+ polkit_authority_check_authorization (polkit_authority_get (),
	51	+ polkit_system_bus_name_new (dbus_g_method_get_sender (context)),
	52	+ "org.gnome.displaymanager.settings.write",
	53	+ NULL,
	54	+ POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
	55	+ NULL,
	56	+ (GAsyncReadyCallback) unlock_auth_cb,
	57	+ context);
	58	+}
	59	+
	60	+typedef struct
	61	+{
	62	+ GdmSettings *settings;
	63	+ DBusGMethodInvocation *context;
	64	+ gchar key, value;
	65	+} SetValueData;
	66	+
	67	+static void
	68	+set_value_auth_cb (PolkitAuthority *authority,
	69	+ GAsyncResult *result,
	70	+ SetValueData *data)
	71	+{
	72	+ PolkitAuthorizationResult *auth_result;
	73	+ GError *error = NULL;
	74	+
75	+ auth_result = polkit_authority_check_authorization_finish (authority, result, &error);
76	+
77	+ if (!auth_result)
78	+ dbus_g_method_return_error (data->context, error);
79	+ else {
80	+ if (polkit_authorization_result_get_is_authorized (auth_result)) {
81	+ gboolean result;
82	+
83	+ result = gdm_settings_backend_set_value (data->settings->priv->backend,
84	+ data->key,
85	+ data->value,
86	+ &error);
87	+ if (result)
88	+ dbus_g_method_return (data->context);
89	+ else
90	+ dbus_g_method_return_error (data->context, error);
91	+ }
92	+ else {
93	+ error = g_error_new (DBUS_GERROR_REMOTE_EXCEPTION, 0, "Not authorized");
94	+ dbus_g_method_return_error (data->context, error);
95	+ }
96	+ }
97	+
98	+ if (auth_result)
99	+ g_object_unref (auth_result);
100	+ if (error)
101	+ g_error_free (error);
102	+ g_free (data->key);
103	+ g_free (data->value);
104	+ g_free (data);
105	+}
106	+
107	/*
108	dbus-send --system --print-reply --dest=org.gnome.DisplayManager /org/gnome/DisplayManager/Settings org.gnome.DisplayManager.Settings.SetValue string:"xdmcp/Enable" string:"false"
109	*/
110	@@ -118,26 +203,30 @@
111	gdm_settings_set_value (GdmSettings *settings,
112	const char *key,
113	const char *value,
114	- GError **error)
115	+ DBusGMethodInvocation *context)
116	{
117	- GError *local_error;
118	- gboolean res;
119	-
120	+ SetValueData *data;
121	+
122	g_return_val_if_fail (GDM_IS_SETTINGS (settings), FALSE);
123	g_return_val_if_fail (key != NULL, FALSE);
124
125	g_debug ("Setting value %s", key);
126	-
127	- local_error = NULL;
128	- res = gdm_settings_backend_set_value (settings->priv->backend,
129	- key,
130	- value,
131	- &local_error);
132	- if (! res) {
133	- g_propagate_error (error, local_error);
134	- }
135	-
136	- return res;
137	+
138	+ /* Authorize with PolicyKit */
139	+ data = g_malloc (sizeof(SetValueData));
140	+ data->settings = settings;
141	+ data->context = context;
142	+ data->key = g_strdup(key);
143	+ data->value = g_strdup(value);
144	+ polkit_authority_check_authorization (polkit_authority_get (),
145	+ polkit_system_bus_name_new (dbus_g_method_get_sender (context)),
146	+ "org.gnome.displaymanager.settings.write",
147	+ NULL,
148	+ POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
149	+ NULL,
150	+ (GAsyncReadyCallback) set_value_auth_cb,
151	+ data);
152	+ return TRUE;
153	}
154
155	static gboolean
0b2d3fda MB	156	diff -urN gdm-2.29.92/common/gdm-settings.h gdm-2.29.92.new//common/gdm-settings.h
	157	--- gdm-2.29.92/common/gdm-settings.h 2010-03-08 22:53:57.000000000 +0100
	158	+++ gdm-2.29.92.new//common/gdm-settings.h 2010-03-14 21:01:32.864403121 +0100
6c304bdf PZ	159	@@ -23,6 +23,7 @@
	160	#define __GDM_SETTINGS_H
	161
	162	#include <glib-object.h>
	163	+#include <dbus/dbus-glib.h>
	164
	165	G_BEGIN_DECLS
	166
	167	@@ -70,10 +71,12 @@
	168	const char *key,
	169	char **value,
	170	GError **error);
	171	+gboolean gdm_settings_unlock (GdmSettings *settings,
	172	+ DBusGMethodInvocation *context);
	173	gboolean gdm_settings_set_value (GdmSettings *settings,
	174	const char *key,
	175	const char *value,
	176	- GError **error);
	177	+ DBusGMethodInvocation *context);
	178
	179	G_END_DECLS
	180
0b2d3fda MB	181	diff -urN gdm-2.29.92/common/gdm-settings.xml gdm-2.29.92.new//common/gdm-settings.xml
	182	--- gdm-2.29.92/common/gdm-settings.xml 2010-03-08 22:53:57.000000000 +0100
	183	+++ gdm-2.29.92.new//common/gdm-settings.xml 2010-03-14 21:01:32.864403121 +0100
6c304bdf PZ	184	@@ -5,7 +5,12 @@
	185	<arg name="key" direction="in" type="s"/>
	186	<arg name="value" direction="out" type="s"/>
	187	</method>
	188	+ <method name="Unlock">
	189	+ <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
	190	+ <arg name="is_unlocked" direction="out" type="b"/>
	191	+ </method>
	192	<method name="SetValue">
	193	+ <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
	194	<arg name="key" direction="in" type="s"/>
	195	<arg name="value" direction="in" type="s"/>
	196	</method>
0b2d3fda MB	197	diff -urN gdm-2.29.92/common/Makefile.am gdm-2.29.92.new//common/Makefile.am
	198	--- gdm-2.29.92/common/Makefile.am 2010-03-08 22:53:57.000000000 +0100
	199	+++ gdm-2.29.92.new//common/Makefile.am 2010-03-14 21:01:32.867730975 +0100
	200	@@ -110,6 +110,7 @@
	201	$(NULL)
	202
	203	libgdmcommon_la_LIBADD = \
	204	+ $(COMMON_LIBS) \
	205	$(NULL)
	206
	207	libgdmcommon_la_LDFLAGS = \
	208	diff -urN gdm-2.29.92/configure.ac gdm-2.29.92.new//configure.ac
	209	--- gdm-2.29.92/configure.ac 2010-03-08 23:09:47.000000000 +0100
	210	+++ gdm-2.29.92.new//configure.ac 2010-03-14 21:03:28.747726327 +0100
6c304bdf PZ	211	@@ -40,6 +40,7 @@
	212	dnl ---------------------------------------------------------------------------
	213
	214	DBUS_GLIB_REQUIRED_VERSION=0.74
	215	+POLKIT_GOBJECT_REQUIRED_VERSION=0.92
de273fad ŁK	216	GLIB_REQUIRED_VERSION=2.27.4
de273fad ŁK	217	GTK_REQUIRED_VERSION=2.91.1
6c304bdf	218	PANGO_REQUIRED_VERSION=1.3.0
0b2d3fda	219	@@ -60,6 +61,7 @@
6c304bdf PZ	220
	221	PKG_CHECK_MODULES(COMMON,
	222	dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
	223	+ polkit-gobject-1 >= $POLKIT_GOBJECT_REQUIRED_VERSION
	224	gobject-2.0 >= $GLIB_REQUIRED_VERSION
	225	gio-2.0 >= $GLIB_REQUIRED_VERSION
	226	)
0b2d3fda	227	@@ -68,6 +70,7 @@
6c304bdf PZ	228
	229	PKG_CHECK_MODULES(DAEMON,
	230	dbus-glib-1 >= $DBUS_GLIB_REQUIRED_VERSION
	231	+ polkit-gobject-1 >= $POLKIT_GOBJECT_REQUIRED_VERSION
	232	gobject-2.0 >= $GLIB_REQUIRED_VERSION
0b2d3fda	233	gio-2.0 >= $GLIB_REQUIRED_VERSION
6c304bdf	234	)
0b2d3fda MB	235	diff -urN gdm-2.29.92/data/gdm.conf.in gdm-2.29.92.new//data/gdm.conf.in
	236	--- gdm-2.29.92/data/gdm.conf.in 2010-03-08 22:53:57.000000000 +0100
	237	+++ gdm-2.29.92.new//data/gdm.conf.in 2010-03-14 21:01:32.867730975 +0100
6c304bdf PZ	238	@@ -34,8 +34,6 @@
	239	<deny send_destination="org.gnome.DisplayManager"
	240	send_interface="org.gnome.DisplayManager.LocalDisplayFactory"/>
	241	<deny send_destination="org.gnome.DisplayManager"
	242	- send_interface="org.gnome.DisplayManager.Settings"/>
	243	- <deny send_destination="org.gnome.DisplayManager"
	244	send_interface="org.gnome.DisplayManager.Slave"/>
	245	<deny send_destination="org.gnome.DisplayManager"
	246	send_interface="org.gnome.DisplayManager.Session"/>
	247	@@ -44,6 +42,10 @@
	248	<allow send_destination="org.gnome.DisplayManager"
	249	send_interface="org.freedesktop.DBus.Introspectable"/>
	250
	251	+ <!-- Controlled by PolicyKit -->
	252	+ <allow send_destination="org.gnome.DisplayManager"
	253	+ send_interface="org.gnome.DisplayManager.Settings"/>
	254	+
	255	<allow send_destination="org.gnome.DisplayManager"
	256	send_interface="org.gnome.DisplayManager.Display"
	257	send_member="GetId"/>
0b2d3fda MB	258	diff -urN gdm-2.29.92/data/gdm.policy.in gdm-2.29.92.new//data/gdm.policy.in
	259	--- gdm-2.29.92/data/gdm.policy.in 1970-01-01 01:00:00.000000000 +0100
	260	+++ gdm-2.29.92.new//data/gdm.policy.in 2010-03-14 21:01:32.867730975 +0100
6c304bdf PZ	261	@@ -0,0 +1,18 @@
	262	+<?xml version="1.0" encoding="UTF-8"?>
	263	+<!DOCTYPE policyconfig PUBLIC
	264	+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
	265	+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
	266	+<policyconfig>
	267	+ <vendor>The GNOME Project</vendor>
	268	+ <vendor_url>http://www.gnome.org/</vendor_url>
	269	+ <icon_name>gdm</icon_name>
	270	+
	271	+ <action id="org.gnome.displaymanager.settings.write">
	272	+ <description>Change login screen configuration</description>
	273	+ <message>Privileges are required to change the login screen configuration.</message>
	274	+ <defaults>
	275	+ <allow_inactive>no</allow_inactive>
	276	+ <allow_active>auth_admin_keep</allow_active>
	277	+ </defaults>
	278	+ </action>
	279	+</policyconfig>
0b2d3fda MB	280	diff -urN gdm-2.29.92/data/Makefile.am gdm-2.29.92.new//data/Makefile.am
	281	--- gdm-2.29.92/data/Makefile.am 2010-03-08 22:53:57.000000000 +0100
	282	+++ gdm-2.29.92.new//data/Makefile.am 2010-03-14 21:06:01.074377153 +0100
	283	@@ -46,6 +46,8 @@
6c304bdf PZ	284	schemas_in_files = gdm.schemas.in
	285	schemas_DATA = $(schemas_in_files:.schemas.in=.schemas)
	286
	287	+@INTLTOOL_POLICY_RULE@
	288	+
	289	gdm.schemas.in: $(srcdir)/gdm.schemas.in.in
	290	sed -e 's,[@]GDMPREFETCHCMD[@],$(GDMPREFETCHCMD),g' \
	291	-e 's,[@]GDM_CUSTOM_CONF[@],$(GDM_CUSTOM_CONF),g' \
0b2d3fda MB	292	@@ -78,11 +80,18 @@
	293	localealiasdir = $(datadir)/gdm
	294	localealias_DATA = locale.alias
6c304bdf PZ	295
	296	+polkitdir = $(datadir)/polkit-1/actions
	297	+polkit_in_files = gdm.policy.in
	298	+polkit_DATA = $(polkit_in_files:.policy.in=.policy)
	299	+check:
	300	+ $(POLKIT_POLICY_FILE_VALIDATE) $(polkit_DATA)
	301	+
	302	EXTRA_DIST = \
	303	$(schemas_in_files) \
	304	$(schemas_DATA) \
	305	$(dbusconf_in_files) \
0b2d3fda	306	$(localealias_DATA) \
6c304bdf PZ	307	+ $(polkit_in_files) \
	308	gdm.schemas.in.in \
	309	gdm.conf-custom.in \
	310	Xsession.in \
0b2d3fda	311	@@ -105,7 +114,8 @@
6c304bdf PZ	312	$(NULL)
	313
	314	DISTCLEANFILES = \
	315	- $(dbusconf_DATA) \
	316	+ $(dbusconf_DATA) \
0b2d3fda	317	+ $(polkit_DATA) \
6c304bdf PZ	318	gdm.schemas \
	319	$(NULL)
	320