Okay, digging through the lightdm code a little, I'm looking at:
in src/display.c, the start_user_session() function does:
...
g_debug ("Starting user session");
user = pam_session_get_user (authentication);
/* Load the users login settings (~/.dmrc) */
dmrc_file = dmrc_load (user_get_name (user));
...
And in src/dmrc.c, the dmrc_load() function:
...
/* Load from the user directory, if this fails (e.g. the user directory
* is not yet mounted) then load from the cache */
path = g_build_filename (user_get_home_directory (user), ".dmrc", NULL);
have_dmrc = g_key_file_load_from_file (dmrc_file, path, G_KEY_FILE_KEEP_COMMENTS, NULL);
g_free (path);
...
Basically, if the user's home directory is not mounted, then something is *wrong*, and we shouldn't be proceeding yet. Lightdm should be blocking until the pam session start completes successfully.
Further down, this is just wrong:
...
/* Update the users .dmrc */
if (user)
{
path = g_build_filename (user_get_home_directory (user), ".dmrc", NULL);
g_file_set_contents (path, data, length, NULL);
if (getuid () == 0 && chown (path, user_get_uid (user), user_get_gid (user)) < 0)
    g_warning ("Error setting ownership on %s: %s", path, strerror (errno));
g_free (path);
}
...
This is creating the ~/.dmrc file in a read-only $HOME directory as the root user, and then chowning it over to $USER. This leaves unencrypted files in the user's home directory, which is very much undesirable if a user is encrypting their home.
I haven't found a solution yet as I'm only looking at this a little bit while at a conference, but I thought I'd leave a few notes here :-)