1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1109435: unblock: gdm3/48.0-2

    From Simon McVittie@21:1/5 to All on Thu Jul 17 18:00:01 2025
    XPost: linux.debian.devel.release

    Package: release.debian.org
    Severity: normal
    X-Debbugs-Cc: [email protected], [email protected]
    Control: affects -1 + src:gdm3
    User: [email protected]
    Usertags: unblock

    (Explicitly cc'ing Marco since he's the author of most of our
    integration glue for gdm smart card auth, to give him one last
    opportunity to propose a better solution.)

    [ Reason ]

    RC bug #1051785

    [ Impact ]

    If not accepted, booting a GNOME system with a smartcard inserted in a
    reader, or with a smartcard-based authentication token like a Yubikey,
    makes it more difficult or sometimes impossible to log in with a
    username and password (depending whether libpam-sss is installed).

    The proposed version also removes some misleading commented-out example configuration, which would have no effect if uncommented (#1105057);
    adds commented-out example configuration for disabling fingerprint authentication; and fixes a future FTBFS with gcc-15 (#1096689) while I
    was preparing an upload anyway.

    [ Tests ]

    Manually tested, login works normally. Plugging in a Nitrokey Pro to an otherwise unconfigured test system does not affect the login flow any
    more.

    [ Risks ]

    Key package, central to our default desktop environment.

    I'm not a primary maintainer of this package, I'm only stepping in to
    fix the RC bug since other GNOME team members don't seem to have had
    enough time available.

    Sysadmins who want to allow smart card authentication might not realize
    that, in addition to enrolling smart cards and setting up the smartcard
    to uid mapping, they will need to edit /etc/gdm3/greeter.dconf-defaults
    to re-enable it.

    Sysadmins who want to *only* allow smart card authentication (with
    password auth forbidden) might not realize that they need to `update-alternatives --config gdm-smartcard`, as well as installing
    libpam-sss.

    (I think those are not a big concern in practice, because sysadmins who
    want to set this up will already need to do quite lot of other setup,
    and can be expected to know what they're doing.)

    The changes for #1105057 are low-risk, they only add/remove comments and
    remove the headings of some empty .ini-style groups.

    The changes for #1096689 are low-risk, they only rename a local variable.

    [ Checklist ]

    [x] all changes are documented in the d/changelog
    [x] I reviewed all changes and I approve them
    [x] attach debdiff against the package in testing

    unblock gdm3/48.0-2

    diffstat for gdm3-48.0 gdm3-48.0

    common/gdm-settings-utils.c | 8 -
    common/gdm-settings-utils.h | 2
    debian/changelog | 47 +++++++++
    debian/gdm3.alternatives | 4
    debian/greeter.dconf-defaults | 18 ---
    debian/patches/gdm-settings-utils-rename-variable-to-fix-build-with-gcc-.patch | 51 ++++++++++
    debian/patches/series | 1
    7 files changed, 110 insertions(+), 21 deletions(-)

    diff -Nru gdm3-48.0/common/gdm-settings-utils.c gdm3-48.0/common/gdm-settings-utils.c
    --- gdm3-48.0/common/gdm-settings-utils.c 2025-03-17 16:07:15.000000000 +0000
    +++ gdm3-48.0/common/gdm-settings-utils.c 2025-07-13 23:03:11.000000000 +0100
    @@ -287,16 +287,16 @@
    /* adapted from GKeyFile */
    gboolean
    gdm_settings_parse_value_as_boolean (const char *value,
    - gboolean *bool)
    + gboolean *boolval)
    {
    g_return_val_if_fail (value != NULL, FALSE);
    - g_return_val_if_fail (bool != NULL, FALSE);
    + g_return_val_if_fail (boolval != NULL, FALSE);

    if (g_ascii_strcasecmp (value, "true") == 0 || strcmp (value, "1") == 0) {
    - *bool = TRUE;
    + *boolval = TRUE;
    return TRUE;
    } else if (g_ascii_strcasecmp (value, "false") == 0 || strcmp (value, "0") == 0) {
    - *bool = FALSE;
    + *boolval = FALSE;
    return TRUE;
    } else {
    return FALSE;
    diff -Nru gdm3-48.0/common/g