Opie login becomes useable now:

 - pre- and post-session scripts (in $OPIEDIR/share/opie-login) to fix
   things like device ownership to user/root
 - logging in now doesn't simply mean: execute bin/qpe. instead opie-login
    * first tries to execute ~/.opie-session
    * if that doesn't exist $OPIEDIR/share/opie-login/opie-session
    * if that fails too, execute $OPIEDIR/bin/qpe
   you can now handle things like ssh-agent on a per-user basis.
(I'll commit the scripts later - for now it simply works like before)

3 files changed, 82 insertions, 10 deletions

diff --git a/core/opie-login/loginapplication.cpp b/core/opie-login/loginapplication.cpp
index 8d86a71..1facf2d 100644
--- a/core/opie-login/loginapplication.cpp
+++ b/core/opie-login/loginapplication.cpp
@@ -1,80 +1,82 @@
 /*
                =.            This file is part of the OPIE Project
              .=l.            Copyright (c)  2002 Robert Griebl <sandman@handhelds.org>
            .>+-=
  _;:,     .>    :=|.         This file is free software; you can
 .> <`_,   >  .   <=          redistribute it and/or modify it under
 :`=1 )Y*s>-.--   :           the terms of the GNU General Public
 .="- .-=="i,     .._         License as published by the Free Software
  - .   .-<_>     .<>         Foundation; either version 2 of the License,
      ._= =}       :          or (at your option) any later version.
     .%`+i>       _;_.
     .i_,=:_.      -<s.       This file is distributed in the hope that
      +  .  -:.       =       it will be useful, but WITHOUT ANY WARRANTY;
     : ..    .:,     . . .    without even the implied warranty of
     =_        +     =;=|`    MERCHANTABILITY or FITNESS FOR A
   _.=:.       :    :=>`:     PARTICULAR PURPOSE. See the GNU General
 ..}^=.=       =       ;      Public License for more details.
 ++=   -.     .`     .:
  :     =  ...= . :.=-        You should have received a copy of the GNU
  -.   .:....=;==+<;          General Public License along with this file;
   -_. . .   )=.  =           see the file COPYING. If not, write to the
     --        :-=`           Free Software Foundation, Inc.,
                              59 Temple Place - Suite 330,
                              Boston, MA 02111-1307, USA.
 
 */
 
 #include <pwd.h>
 #include <grp.h>
 #include <unistd.h>
 #include <stdlib.h>
 #include <signal.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
 
 #ifdef USEPAM
 extern "C" {
 #include <security/pam_appl.h>
 }
 #else
 #include <crypt.h>
 #include <shadow.h>
 #endif
 
 #include "loginapplication.h"
 
 LoginApplication *lApp;
 
 LoginApplication::LoginApplication ( int &argc, char **argv, pid_t parentpid )
         : QPEApplication ( argc, argv, GuiServer )
 {
         lApp = this;
         m_parentpid = parentpid;
 }
 
 const char *LoginApplication::s_username = 0;
 
 #ifdef USEPAM
 
 const char *LoginApplication::s_pam_password = 0;
 
 int LoginApplication::pam_helper ( int num_msg, const struct pam_message **msg, struct pam_response **resp, void * )
 {
         int replies = 0;
         struct pam_response *reply = 0;
         int size = sizeof( struct pam_response );
 
         for ( int i = 0; i < num_msg; i++ ) {
                 switch ( msg [i]-> msg_style ) {
                         case PAM_PROMPT_ECHO_ON: // user name given to PAM already
                                 return PAM_CONV_ERR;
 
                         case PAM_PROMPT_ECHO_OFF: // wants password
                                 reply = (struct pam_response *) ::realloc ( reply, size );
                                 if ( !reply )
                                         return PAM_CONV_ERR;
                                 size += sizeof( struct pam_response );
 
                                 reply [replies]. resp_retcode = PAM_SUCCESS;
                                 reply [replies]. resp = ::strdup ( s_pam_password );
                                 replies++; // PAM frees resp
                                 break;
@@ -113,109 +115,167 @@ bool LoginApplication::checkPassword ( const char *user, const char *pass )
 }
 
 #else
 
 bool LoginApplication::checkPassword ( const char *user, const char *pass )
 {
         char *encrypted, *correct;
         struct passwd *pw;
 
         if ( !user || !pass )
                 return false;
 
         pw = ::getpwnam ( user );
 
         if ( !pw )
                 return false;
 
         if (( ::strcmp ( pw-> pw_passwd, "x" ) == 0 ) || ( ::strcmp ( pw-> pw_passwd, "*" ) == 0 )) {
                 struct spwd *sp = ::getspnam ( pw-> pw_name );
 
                 if ( !sp )
                         return false;
 
                 correct = sp-> sp_pwdp;
         }
         else
                 correct = pw-> pw_passwd;
 
         if ( correct == 0 || correct[0] == '\0' )
                 return true;
 
         encrypted = ::crypt ( pass, correct );
         return ( ::strcmp ( encrypted, correct ) == 0 );
 }
 
 #endif
 
 bool LoginApplication::changeIdentity ( )
 {
         const char *DEFAULT_LOGIN_PATH      = "/bin:/usr/bin";
         const char *DEFAULT_ROOT_LOGIN_PATH = "/usr/sbin:/bin:/usr/bin:/sbin";
 
         if ( !s_username )
                 return false;
         struct passwd *pw = ::getpwnam ( s_username );
         if ( !pw )
                 return false;
 
+        // we are still root at this point - try to run the pre-session script
+        if ( !runRootScript ( "OPIEDIR", "share/opie-login/pre-session", s_username ))
+                qWarning ( "failed to run $OPIEDIR/share/opie-login/pre-session" );
+
         bool fail = false;
         fail |= ( ::initgroups ( pw-> pw_name, pw-> pw_gid ));
         ::endgrent ( );
         fail |= ( ::setgid ( pw-> pw_gid ));
         fail |= ( ::setuid ( pw-> pw_uid ));
 
         fail |= ( ::chdir ( pw-> pw_dir ) && ::chdir ( "/" ));
 
         fail |= ( ::setenv ( "HOME",    pw-> pw_dir, 1 ));
         fail |= ( ::setenv ( "SHELL",   pw-> pw_shell, 1 ));
         fail |= ( ::setenv ( "USER",    pw-> pw_name, 1 ));
         fail |= ( ::setenv ( "LOGNAME", pw-> pw_name, 1 ));
         fail |= ( ::setenv ( "PATH",    ( pw-> pw_uid ? DEFAULT_LOGIN_PATH : DEFAULT_ROOT_LOGIN_PATH ), 1 ));
 
         return !fail;
 }
 
 bool LoginApplication::login ( )
 {
-        char *opie = ::getenv ( "OPIEDIR" );
-        char *arg = new char [::strlen ( opie ) + 8 + 1];
+        execUserScript ( "HOME", ".opie-session" );
+        execUserScript ( "OPIEDIR", "share/opie-login/opie-session" );
+        execUserScript ( "OPIEDIR", "bin/qpe" );
+        
+        qWarning ( "failed to start an Opie session" );
+        return false;
+}
+
+void LoginApplication::logout ( )
+{
+        // we are now root again - try to run the post-session script
+        if ( !runRootScript ( "OPIEDIR", "share/opie-login/post-session" ))
+                        qWarning ( "failed to run $OPIEDIR/scripts/post-session" );
+}
 
-        ::strcpy ( arg, opie );
-        ::strcat ( arg, "/bin/qpe" );
 
-        // start qpe via a login shell
-        ::execl ( "/bin/sh", "-sh", "-c", arg, 0 );
+static char *buildarg ( const char *base, const char *script )
+{
+        const char *dir = base ? ::getenv ( base ) : "/";
+        char *arg = new char [::strlen ( dir ) + ::strlen ( script ) + 2];
 
-        return false;
+        ::strcpy ( arg, dir );
+        ::strcat ( arg, "/" );
+        ::strcat ( arg, script );
+
+        return arg;
+}
+
+bool LoginApplication::runRootScript ( const char *base, const char *script, const char *param )
+{
+        bool res = false;
+        char *arg = buildarg ( base, script );
+
+        struct stat st;
+        if (( ::stat ( arg, &st ) == 0 ) && ( st. st_uid == 0 )) {
+                        pid_t child = ::fork ( );
+                
+                if ( child == 0 ) {
+                        ::execl ( "/bin/sh", "-sh", arg, param, 0 );
+                        ::_exit ( -1 );
+                }
+                else if ( child > 0 ) {
+                        int status = 0;
+                
+                        while ( ::waitpid ( child, &status, 0 ) < 0 ) { }
+                        res = ( WIFEXITED( status )) && ( WEXITSTATUS( status ) == 0 );
+                }
+        }
+                
+        delete [] arg;
+        return res;
+}
+
+void LoginApplication::execUserScript ( const char *base, const char *script )
+{
+        char *arg = buildarg ( base, script );
+
+        struct stat st;
+        if ( ::stat ( arg, &st ) == 0 ) {
+                if ( st. st_mode & S_IXUSR )
+                        ::execl ( "/bin/sh", "-sh", "-c", arg, 0 );
+                else
+                        ::execl ( "/bin/sh", "-sh", arg, 0 );
+        }
 }
 
 const char *LoginApplication::loginAs ( )
 {
         return s_username;
 }
 
 void LoginApplication::setLoginAs ( const char *name )
 {
         s_username = name;
 }
 
 QStringList LoginApplication::allUsers ( )
 {
         struct passwd *pwd;
         QStringList sl;
 
         while (( pwd = ::getpwent ( ))) {
                 if (( pwd-> pw_uid == 0 ) || ( pwd-> pw_uid >= 500 && pwd-> pw_uid < 65534 ))
                         sl << QString ( pwd-> pw_name );
         }
 
         ::endpwent ( );
 
         return sl;
 }
 
 void LoginApplication::quitToConsole ( )
 {
         QPEApplication::quit ( );
         ::kill ( m_parentpid, SIGTERM );
 }
diff --git a/core/opie-login/loginapplication.h b/core/opie-login/loginapplication.h
index 4e7cf79..d8264ea 100644
--- a/core/opie-login/loginapplication.h
+++ b/core/opie-login/loginapplication.h
@@ -1,70 +1,74 @@
 /*
                =.            This file is part of the OPIE Project
              .=l.            Copyright (c)  2002 Robert Griebl <sandman@handhelds.org>
            .>+-=
  _;:,     .>    :=|.         This file is free software; you can
 .> <`_,   >  .   <=          redistribute it and/or modify it under
 :`=1 )Y*s>-.--   :           the terms of the GNU General Public
 .="- .-=="i,     .._         License as published by the Free Software
  - .   .-<_>     .<>         Foundation; either version 2 of the License,
      ._= =}       :          or (at your option) any later version.
     .%`+i>       _;_.
     .i_,=:_.      -<s.       This file is distributed in the hope that
      +  .  -:.       =       it will be useful, but WITHOUT ANY WARRANTY;
     : ..    .:,     . . .    without even the implied warranty of
     =_        +     =;=|`    MERCHANTABILITY or FITNESS FOR A
   _.=:.       :    :=>`:     PARTICULAR PURPOSE. See the GNU General
 ..}^=.=       =       ;      Public License for more details.
 ++=   -.     .`     .:
  :     =  ...= . :.=-        You should have received a copy of the GNU
  -.   .:....=;==+<;          General Public License along with this file;
   -_. . .   )=.  =           see the file COPYING. If not, write to the
     --        :-=`           Free Software Foundation, Inc.,
                              59 Temple Place - Suite 330,
                              Boston, MA 02111-1307, USA.
 
 */
 
 #ifndef __OPIE_LOGINAPPLICATION_H__
 #define __OPIE_LOGINAPPLICATION_H__
 
+#include <sys/types.h>
 #include <qstringlist.h>
-
 #include <qpe/qpeapplication.h>
 
 #ifdef USEPAM
 struct pam_message;
 struct pam_response;
 #endif
 
 class LoginApplication : public QPEApplication {
 public:
         LoginApplication ( int &argc, char **argv, pid_t parentpid );
 
         static bool checkPassword ( const char *user, const char *password );
 
         static const char *loginAs ( );
         static void setLoginAs ( const char *user );
 
         static bool changeIdentity ( );
         static bool login ( );
+        static void logout ( );
 
         static QStringList allUsers ( );
 
         void quitToConsole ( );
 
+        static bool runRootScript ( const char *base, const char *script, const char *param = 0 );
+        static void execUserScript ( const char *base, const char *script );
+
 private:
         static const char *s_username;
 
 #ifdef USEPAM
         static int pam_helper ( int num_msg, const struct pam_message **msg, struct pam_response **resp, void * );
         static const char *s_pam_password;
 #endif
 
 private:
         pid_t m_parentpid;
 };
 
 extern LoginApplication *lApp;
 
 #endif
diff --git a/core/opie-login/main.cpp b/core/opie-login/main.cpp
index 674829d..81f4d1e 100644
--- a/core/opie-login/main.cpp
+++ b/core/opie-login/main.cpp
@@ -17,182 +17,187 @@
 ..}^=.=       =       ;      Public License for more details.
 ++=   -.     .`     .:
  :     =  ...= . :.=-        You should have received a copy of the GNU
  -.   .:....=;==+<;          General Public License along with this file;
   -_. . .   )=.  =           see the file COPYING. If not, write to the
     --        :-=`           Free Software Foundation, Inc.,
                              59 Temple Place - Suite 330,
                              Boston, MA 02111-1307, USA.
 
 */
 
 #define _GNU_SOURCE
 
 #include <sys/types.h>
 #include <time.h>
 #include <sys/time.h>
 #include <sys/resource.h>
 #include <unistd.h>
 #include <syslog.h>
 #include <sys/wait.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <signal.h>
 #include <getopt.h>
 #include <string.h>
 
 #include <qpe/qpeapplication.h>
 #include <qpe/qcopenvelope_qws.h>
 #include <qpe/qpestyle.h>
 #include <qpe/power.h>
 #include <qpe/config.h>
 
 #include <opie/odevice.h>
 
 #include <qwindowsystem_qws.h>
 #include <qmessagebox.h>
 #include <qlabel.h>
 #include <qtimer.h>
 #include <qfile.h>
 
 #include "loginapplication.h"
 #include "loginwindowimpl.h"
 #include "calibrate.h"
 
 using namespace Opie;
 
 int login_main ( int argc, char **argv, pid_t ppid );
 void sigterm ( int sig );
+void sigint ( int sig );
 void exit_closelog ( );
 
 static struct option long_options [] = {
         { "autologin", 1, 0, 'a' },
         { 0, 0, 0, 0 }
 };
 
 
 int main ( int argc, char **argv )
 {
         pid_t ppid = ::getpid ( );
 
-
         if ( ::geteuid ( ) != 0 ) {
                 ::fprintf ( stderr, "%s can only be executed by root. (or chmod +s)", argv [0] );
                 return 1;
         }
         if ( ::getuid ( ) != 0 ) // qt doesn't really like SUID and
                 ::setuid ( 0 );      // messes up things like config files
 
         char *autolog = 0;
         int c;
         while (( c = ::getopt_long ( argc, argv, "a:", long_options, 0 )) != -1 ) {
                 switch ( c ) {
                         case 'a':
                                 autolog = optarg;
                                 break;
                         default:
                                 ::fprintf ( stderr, "Usage: %s [-a|--autologin=<user>]\n", argv [0] );
                                 return 2;
                 }
         }
 
         //struct rlimit rl;
         //::getrlimit ( RLIMIT_NOFILE, &rl );
 
         //for ( unsigned int i = 0; i < rl. rlim_cur; i++ )
         //      ::close ( i );
 
         ::setpgid ( 0, 0 );
         ::setsid ( );
 
-        ::signal ( SIGTERM, sigterm );
+                ::signal ( SIGTERM, sigterm );
+        ::signal ( SIGINT, sigterm );
 
         ::openlog ( "opie-login", LOG_CONS, LOG_AUTHPRIV );
         ::atexit ( exit_closelog );
 
         while ( true ) {
                 pid_t child = ::fork ( );
 
                 if ( child < 0 ) {
                         ::syslog ( LOG_ERR, "Could not fork GUI process\n" );
                         break;
                 }
                 else if ( child > 0 ) {
                         int status = 0;
                         time_t started = ::time ( 0 );
 
                         while ( ::waitpid ( child, &status, 0 ) < 0 ) { }
 
+                        LoginApplication::logout ( );
+
                         if (( ::time ( 0 ) - started ) < 3 ) {
                                 if ( autolog ) {
                                         ::syslog ( LOG_ERR, "Respawning too fast -- disabling auto-login\n" );
                                         autolog = 0;
                                 }
                                 else {
                                         ::syslog ( LOG_ERR, "Respawning too fast -- going down\n" );
                                         break;
                                 }
                         }
                         int killedbysig = 0;
 
                         if ( WIFSIGNALED( status )) {
                                 switch ( WTERMSIG( status )) {
                                         case SIGINT :
                                         case SIGTERM:
                                         case SIGKILL:
                                                 break;
 
                                         default     :
                                                 killedbysig = WTERMSIG( status );
                                                 break;
                                 }
                         }
                         if ( killedbysig ) {  // qpe was killed by an uncaught signal
                                 qApp = 0;
+                                
+                                ::syslog ( LOG_ERR, "Opie was killed by a signal #%d", killedbysig );
 
                                 QWSServer::setDesktopBackground ( QImage ( ));
                                 QApplication *app = new QApplication ( argc, argv, QApplication::GuiServer );
                                 app-> setFont ( QFont ( "Helvetica", 10 ));
                                 app-> setStyle ( new QPEStyle ( ));
 
                                 const char *sig = ::strsignal ( killedbysig );
                                 QLabel *l = new QLabel ( 0, "sig", Qt::WStyle_Customize | Qt::WStyle_NoBorder | Qt::WStyle_Tool );
                                 l-> setText ( LoginWindowImpl::tr( "OPIE was terminated\nby an uncaught signal\n(%1)\n" ). arg ( sig ));
                                 l-> setAlignment ( Qt::AlignCenter );
                                 l-> move ( 0, 0 );
                                 l-> resize ( app-> desktop ( )-> width ( ), app-> desktop ( )-> height ( ));
                                 l-> show ( );
                                 QTimer::singleShot ( 3000, app, SLOT( quit ( )));
                                 app-> exec ( );
                                 delete app;
                                 qApp = 0;
                         }
                 }
                 else {
                         if ( !autolog ) {
                                 Config cfg ( "opie-login" );
                                 cfg. setGroup ( "General" );
                                 QString user = cfg. readEntry ( "AutoLogin" );
                                 
                                 if ( !user. isEmpty ( ))
                                         autolog = ::strdup ( user. latin1 ( ));
                         }
                 
                         if ( autolog ) {
                                 LoginApplication::setLoginAs ( autolog );
 
                                 if ( LoginApplication::changeIdentity ( ))
                                         ::exit ( LoginApplication::login ( ));
                                 else
                                         ::exit ( 0 );
                         }
                         else 
                                 ::exit ( login_main ( argc, argv, ppid ));
                 }
         }
         return 0;
 }
 
 void sigterm ( int /*sig*/ )
 {
         ::exit ( 0 );
 }
@@ -258,103 +263,106 @@ public:
     v [ 2 ] = QMAX( 1000 * i3, 100 );
     v [ 3 ] = 0;
 
     if ( !i1 && !i2 && !i3 )
       QWSServer::setScreenSaverInterval ( 0 );
     else
       QWSServer::setScreenSaverIntervals ( v );
   }
 
   int backlight ( )
   {
     if ( m_backlight_bright == -1 )
       m_backlight_bright = 255;
 
     return m_backlight_bright;
   }
 
   void setBacklight ( int bright )
   {
     if ( bright == -3 ) {
       // Forced on
       m_backlight_forcedoff = false;
       bright = -1;
     }
     if ( m_backlight_forcedoff && bright != -2 )
       return ;
     if ( bright == -2 ) {
       // Toggle between off and on
       bright = m_backlight_bright ? 0 : -1;
       m_backlight_forcedoff = !bright;
     }
 
     m_backlight_bright = bright;
 
     bright = backlight ( );
     ODevice::inst ( ) -> setDisplayBrightness ( bright );
 
     m_backlight_bright = bright;
   }
 
 private:
   bool m_lcd_status;
 
   int m_backlight_bright;
   bool m_backlight_forcedoff;
 };
 
 
+namespace Opie { extern int force_appearance; }  // HACK to get around the force-style setting
 
 
 int login_main ( int argc, char **argv, pid_t ppid )
 {
         QWSServer::setDesktopBackground( QImage() );
         LoginApplication *app = new LoginApplication ( argc, argv, ppid );
 
+        Opie::force_appearance = 0;
+
         app-> setFont ( QFont ( "Helvetica", 10 ));
         app-> setStyle ( new QPEStyle ( ));
 
         ODevice::inst ( )-> setSoftSuspend ( true );
 
 #if defined(QT_QWS_CASSIOPEIA) || defined(QT_QWS_IPAQ) || defined(QT_QWS_EBX)
         if ( !QFile::exists ( "/etc/pointercal" )) {
                 // Make sure calibration widget starts on top.
                 Calibrate *cal = new Calibrate;
                 cal-> exec ( );
                 delete cal;
         }
 #endif
 
         LoginScreenSaver *saver = new LoginScreenSaver;
 
         saver-> setIntervals ( );
         QWSServer::setScreenSaver ( saver );
         saver-> restore ( );
 
 
         LoginWindowImpl *lw = new LoginWindowImpl ( );
         app-> setMainWidget ( lw );
         lw-> setGeometry ( 0, 0, app-> desktop ( )-> width ( ), app-> desktop ( )-> height ( ));
         lw-> show ( );
 
         int rc = app-> exec ( );
 
         ODevice::inst ( )-> setSoftSuspend ( false );
 
         if ( app-> loginAs ( )) {
                 if ( app-> changeIdentity ( )) {
                         app-> login ( );
 
                         // if login succeeds, it never comes back
 
                         QMessageBox::critical ( 0, LoginWindowImpl::tr( "Failure" ), LoginWindowImpl::tr( "Could not start OPIE." ));
                         rc = 1;
                 }
                 else {
                         QMessageBox::critical ( 0, LoginWindowImpl::tr( "Failure" ), LoginWindowImpl::tr( "Could not switch to new user identity" ));
                         rc = 2;
                 }
 
         }
         return rc;
 }