poll() is specified in POSIX.1-2001 as a simpler interface for
multiplexed file descriptors than select(). It also provides more
functionality.
This PR replaces the select() calls used in xrdp with poll()
equivalents.
For some window managers (fvwm2 and fvwm3) if the X server isn't
running and has output it's possible for the window manager to fail or
reconfigure randr incorrectly.
With xrdp-waitfox:
- Install xrdp-waitfox to the BIN dir.
- sesman will run xrdp-waitfox as the logged in user.
- Set an alarm to exit after 30 seconds.
- Try to open env DISPLAY value's display (10 seconds).
- Test for RandR extension.
- Wait for outputs to appear (10 seconds).
These log levels are unintendedly decreased during logging reworking.
Recording audio formats are useful to know which format is used in
current RDP session.
gnome shell has a way to start different desktop profiles, but all
use the same gnome-session binary.
currently implemented only for debian based distributions
The semantics of this call allowed it to be called more than once when
parsing a message to restart a parse. This is not likely to be
useful in practice, and it also makes reading file descriptors
more complicated. Consequently this function has been removed and
replaced with with libipm_msg_in_get_msgno()
The sesman tools sesrun and sesadmin now use the separate
authentication/authorization (AA) interface introduced to
sesman by the previous comment.
sesrun can use either password or UDS authentication. With some
limitations, this can allow for automatic creation of sessions for local
users without a password being needed.
sesadmin now operates using UDS logins only and so a username and
password are not required. To use sesadmin for another user, use
su/sudo/doas to authenticate as the other user.
Update sesman to cope with separate authentication/authorization (AA) and
command processing.
Also, internally users are now tracked by UID rather thn username.
This addresses a problem found by some users using federated naming
services (e.g. Active Directory) where the same user can be referred to
in more than one way. See https://github.com/neutrinolabs/xrdp/issues/1823
The separation of AA in this way allows for multiple attempts to be made
on one connection to get a password right. This addresses MaxLoginRetry
not working (https://github.com/neutrinolabs/xrdp/issues/1739)
The previous commit introduced a new interface for the auth modules. This
commit simply updates the other auth modules to use the new interface.
The basic auth module is also updated so that if a user has a shadow
password entry indicated, but the shadow entry cannot be found, an error
is logged rather than silently succeeding.
The BSD authentication module is also updated to allow it to be
compiled on a Linux system for basic testing.
An extra method auth_uds() is added to the PAM module to
allow a 'struct auth_info' to be created for a UDS login. The PAM stack
is used to check the UDS user can be authorized.
Also, an error code is returned from the auth module rather than a
simple boolean. This allows a more complete status to be communicated
to the user. See https://github.com/neutrinolabs/xrdp/discussions/1921
and also #909 and #642
