Add new failsafe session for Trusted Extensions to enable root terminal
access for authorised users for those times the multlabel desktop may
need to be fixed to work properly.
Index: patches/tsoljdslabel-02-newgdmfailsafe.diff
===================================================================
--- patches/tsoljdslabel-02-newgdmfailsafe.diff (revision 0)
+++ patches/tsoljdslabel-02-newgdmfailsafe.diff (revision 0)
@@ -0,0 +1,62 @@
+diff -urN tsoljdalabel.orig/Makefile.am tsoljdalabel.new/Makefile.am
+--- tsoljdalabel.orig/Makefile.am 2010-01-15 10:55:02.733401167 +0000
++++ tsoljdalabel.new/Makefile.am 2010-01-15 10:55:47.256424282 +0000
+@@ -3,7 +3,7 @@
+ AUTOMAKE_OPTIONS = dist-bzip2
+
+ desktopdir = $(datadir)/xsessions/multilabel
+-desktop_in_files = tgnome.desktop.in
++desktop_in_files = tgnome.desktop.in txfailsafe.desktop.in
+ desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
+ @INTLTOOL_DESKTOP_RULE@
+
+diff -urN tsoljdalabel.orig/src/Makefile.am
tsoljdalabel.new/src/Makefile.am
+--- tsoljdalabel.orig/src/Makefile.am 2010-01-15 10:55:02.730424069
+0000
++++ tsoljdalabel.new/src/Makefile.am 2010-01-15 10:56:02.624870047 +0000
+@@ -6,6 +6,7 @@
+ $(TSOLJDSLABEL_CFLAGS)
+
+ bin_PROGRAMS = tsoljdslabel tsoljdslabel-ui
++bin_SCRIPTS = txfailsafe
+
+ tsoljdslabel_SOURCES = suidwrapper.c
+
+diff -urN tsoljdalabel.orig/src/txfailsafe tsoljdalabel.new/src/txfailsafe
+--- tsoljdalabel.orig/src/txfailsafe 1970-01-01 01:00:00.000000000 +0100
++++ tsoljdalabel.new/src/txfailsafe 2010-01-15 10:56:18.561200186 +0000
+@@ -0,0 +1,22 @@
++#!/usr/bin/bash
++
++rootrole=$(roles | grep -c root)
++if [[ $rootrole == 1 ]] ; then
++ echo "This is the failsafe xterm session. You must provide the root"
++ echo "password to continue. If you cannot log in any other way
please"
++ echo "contact your system administrator."
++ echo ""
++ echo "Please enter the root password"
++ su
++ while [[ $? == 1 ]] ; do
++ su
++ done
++else
++ echo "The failsafe session is restricted to users who have been"
++ echo "assigned the root role. If you cannot log in any other way"
++ echo "please contact your system administrator."
++ echo ""
++ echo "Press the return key to return to the login screen"
++ read line
++fi
++
+diff -urN tsoljdalabel.orig/txfailsafe.desktop.in
tsoljdalabel.new/txfailsafe.desktop.in
+--- tsoljdalabel.orig/txfailsafe.desktop.in 1970-01-01
01:00:00.000000000 +0100
++++ tsoljdalabel.new/txfailsafe.desktop.in 2010-01-15
10:55:38.624342584 +0000
+@@ -0,0 +1,9 @@
++[Desktop Entry]
++Encoding=UTF-8
++Name=Solaris Trusted Extension Failsafe
++Comment=This session logs you into a Trusted Extensions failsafe xterm
++Exec=/usr/X11/bin/xterm -e /usr/bin/txfailsafe
++# no icon yet, only the top three are currently used
++Icon=
++Type=Application
++X-GDM-BypassXsession=true
Index: SUNWtgnome-tsoljdslabel.spec
===================================================================
--- SUNWtgnome-tsoljdslabel.spec (revision 20482)
+++ SUNWtgnome-tsoljdslabel.spec (working copy)
@@ -25,6 +25,7 @@
Source1: l10n-configure.sh
%endif
Patch1: tsoljdslabel-01-focus.diff
+Patch2: tsoljdslabel-02-newgdmfailsafe.diff
SUNW_BaseDir: %{_basedir}
SUNW_Copyright: %{name}.copyright
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -56,6 +57,7 @@
%prep
%setup -q -n tsoljdslabel-%{tsoljdslabel_version}
%patch1
+%patch2 -p1
%build
export ACLOCAL_FLAGS="-I /usr/share/aclocal"
@@ -121,10 +123,12 @@
%dir %attr (0755, root, bin) %{_bindir}
%{_bindir}/tsoljdslabel
%{_bindir}/tsoljdslabel-ui
+%{_bindir}/txfailsafe
%dir %attr(0755, root, sys) %{_datadir}
%dir %attr(0755, root, bin) %{_datadir}/xsessions
%dir %attr(0755, root, bin) %{_datadir}/xsessions/multilabel
%{_datadir}/xsessions/multilabel/tgnome.desktop
+%{_datadir}/xsessions/multilabel/txfailsafe.desktop
%dir %attr (0755, root, bin) %{_prefix}/dt
%dir %attr (0755, root, bin) %{_prefix}/dt/config
%{_prefix}/dt/config/Xsession.tjds
