From c08e51c9ae9cbead7b3e683cf26af729206a239c Mon Sep 17 00:00:00 2001 From: David McKinney Date: Fri, 12 Feb 2021 10:10:39 -0500 Subject: [PATCH] Citadel config fixes and enhancements - Added citadel-setpassword.service and shell script to set a default password of 'citadel' in install mode, does not run in any other mode or if a password is already set - Re-implement disable logging out of Gnome: * Lock preventing log outs in gsettings override * Patched gnome-session so that locking log outs does not lock shutting down * Patched gnome-shell to remove 'Log Out' from status label - Added keyboard shortcut for Citadel Realms UI (gtk) to gnome-shell: * Added gsetting for the shortcut * Separated inital realm dconf database and Citadel dconf databases to use different settings for each * Added Ctrl+Alt+c as the keyboard shortcut for launching Citadel Realms UI to the citadel dconf database - Added neovim init.vim to realms skel since neovim is now default vim in realms --- .../citadel-config/citadel-config-gnome.bb | 12 +++- .../citadel-config/citadel-config.bb | 15 +++- .../files/citadel-setpassword.sh | 5 ++ .../build.d/citadel.d/citadel-dconf.conf | 21 ++++++ .../build.d/realms.d/initial-realm-dconf.conf | 16 +++++ .../gsettings/90_citadel.gschema.override | 5 +- .../citadel-config/files/skel/init.vim | 30 ++++++++ .../files/systemd/citadel-setpassword.service | 16 +++++ ...gout-so-it-does-not-disable-shutting.patch | 68 +++++++++++++++++++ .../gnome-session/gnome-session_3.38.0.bb | 5 +- ...ut-label-from-power-off-in-status-UI.patch | 22 ++++++ .../gnome-shell/gnome-shell_3.38.3.bb | 1 + 12 files changed, 209 insertions(+), 7 deletions(-) create mode 100755 meta-citadel/recipes-citadel/citadel-config/files/citadel-setpassword.sh create mode 100644 meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/citadel.d/citadel-dconf.conf create mode 100644 meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/realms.d/initial-realm-dconf.conf create mode 100644 meta-citadel/recipes-citadel/citadel-config/files/skel/init.vim create mode 100644 meta-citadel/recipes-citadel/citadel-config/files/systemd/citadel-setpassword.service create mode 100644 meta-gnome/recipes-gnome/gnome-session/gnome-session/0001-Patch-locking-logout-so-it-does-not-disable-shutting.patch create mode 100644 meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0001-Remove-log-out-label-from-power-off-in-status-UI.patch diff --git a/meta-citadel/recipes-citadel/citadel-config/citadel-config-gnome.bb b/meta-citadel/recipes-citadel/citadel-config/citadel-config-gnome.bb index f7b5d24..fcde21f 100644 --- a/meta-citadel/recipes-citadel/citadel-config/citadel-config-gnome.bb +++ b/meta-citadel/recipes-citadel/citadel-config/citadel-config-gnome.bb @@ -9,23 +9,29 @@ S = "${WORKDIR}" SRC_URI = "\ file://gsettings/90_citadel.gschema.override \ - file://dconf/build.d/initial-realm-dconf.conf \ + file://dconf/build.d/realms.d/initial-realm-dconf.conf \ + file://dconf/build.d/citadel.d/citadel-dconf.conf \ " inherit allarch gsettings -# Build the binary dconf database which is installed by default into each new realm do_compile() { mkdir -p ${WORKDIR}/dconf-output - dconf compile ${WORKDIR}/dconf-output/user ${S}/dconf/build.d + # Build the binary dconf database which is installed by default into each new realm + dconf compile ${WORKDIR}/dconf-output/user ${S}/dconf/build.d/realms.d/ + # Build the binary dconf database which is installed by default into /home/citadel + dconf compile ${WORKDIR}/dconf-output/citadel ${S}/dconf/build.d/citadel.d/ } do_install() { install -d ${D}${datadir}/glib-2.0/schemas install -d ${D}${sysconfdir}/skel/.config/dconf + install -m 0755 -d ${D}${datadir}/factory/skel + install -m 0755 -d ${D}${datadir}/factory/skel/.config/dconf install -m 644 ${S}/gsettings/90_citadel.gschema.override ${D}${datadir}/glib-2.0/schemas install -m 644 ${WORKDIR}/dconf-output/user ${D}${sysconfdir}/skel/.config/dconf + install -m 644 ${WORKDIR}/dconf-output/citadel ${D}${datadir}/factory/skel/.config/dconf/user } FILES_${PN} = "/" diff --git a/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb b/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb index 3f6069b..6d2fdda 100644 --- a/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb +++ b/meta-citadel/recipes-citadel/citadel-config/citadel-config.bb @@ -27,6 +27,10 @@ UDEV_RULES = "\ file://udev/pci-pm.rules \ file://udev/scsi-alpm.rules \ " +DEFAULT_PASSWORD = "\ + file://citadel-setpassword.sh \ + file://systemd/citadel-setpassword.service \ +" SRC_URI = "\ file://locale.conf \ @@ -52,6 +56,7 @@ SRC_URI = "\ file://skel/profile \ file://skel/bashrc \ file://skel/vimrc \ + file://skel/init.vim \ file://apt-cacher-ng/acng.conf \ file://apt-cacher-ng/security.conf \ file://iwd/main.conf \ @@ -59,6 +64,7 @@ SRC_URI = "\ ${MODPROBE_CONFIG} \ ${SYSCTL_CONFIG} \ ${UDEV_RULES} \ + ${DEFAULT_PASSWORD} \ " USERADD_PACKAGES = "${PN}" @@ -70,7 +76,7 @@ RDEPENDS_${PN} = "bash" inherit allarch systemd useradd -SYSTEMD_SERVICE_${PN} = "zram-swap.service watch-run-user.path sway-session-switcher.service x11-session-switcher.service citadel-installer-backend.service installer-session-switcher.service" +SYSTEMD_SERVICE_${PN} = "zram-swap.service watch-run-user.path sway-session-switcher.service x11-session-switcher.service citadel-installer-backend.service installer-session-switcher.service citadel-setpassword.service" do_install() { install -m 0755 -d ${D}/storage @@ -78,7 +84,9 @@ do_install() { install -d ${D}${libdir}/sysctl.d install -m 0755 -d ${D}${libexecdir} install -m 0755 -d ${D}${sysconfdir}/profile.d - install -m 0755 -d ${D}${sysconfdir}/skel + install -m 0755 -d ${d}${sysconfdir}/skel + install -m 0755 -d ${D}${sysconfdir}/skel/.config + install -m 0755 -d ${D}${sysconfdir}/skel/.config/nvim install -m 0755 -d ${D}${sysconfdir}/tmpfiles.d install -m 0755 -d ${D}${sysconfdir}/udev/rules.d # install -m 0755 -d ${D}${sysconfdir}/NetworkManager @@ -111,6 +119,8 @@ do_install() { install -m 644 ${WORKDIR}/systemd/citadel-installer-backend.service ${D}${systemd_system_unitdir} install -m 644 ${WORKDIR}/systemd/installer-session-switcher.service ${D}${systemd_system_unitdir} + install -m 644 ${WORKDIR}/systemd/citadel-setpassword.service ${D}${systemd_system_unitdir} + install -m 0754 ${WORKDIR}/citadel-setpassword.sh ${D}${libexecdir} install -d ${D}${systemd_user_unitdir}/gnome-session@citadel-installer.target.d install -m 644 ${WORKDIR}/systemd/user/gnome-session@citadel-installer.target.d/session.conf ${D}${systemd_user_unitdir}/gnome-session@citadel-installer.target.d @@ -123,6 +133,7 @@ do_install() { install -m 644 -T ${WORKDIR}/skel/profile ${D}${sysconfdir}/skel/.profile install -m 644 -T ${WORKDIR}/skel/bashrc ${D}${sysconfdir}/skel/.bashrc install -m 644 -T ${WORKDIR}/skel/vimrc ${D}${sysconfdir}/skel/.vimrc + install -m 644 -T ${WORKDIR}/skel/init.vim ${D}${sysconfdir}/skel/.config/nvim/init.vim install -m 0644 ${WORKDIR}/sysctl/90-citadel-sysctl.conf ${D}${libdir}/sysctl.d/ diff --git a/meta-citadel/recipes-citadel/citadel-config/files/citadel-setpassword.sh b/meta-citadel/recipes-citadel/citadel-config/files/citadel-setpassword.sh new file mode 100755 index 0000000..1a3181c --- /dev/null +++ b/meta-citadel/recipes-citadel/citadel-config/files/citadel-setpassword.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +if [ ! -f /storage/citadel-state/passwd ]; then + /usr/bin/echo -n "citadel:aadg8rGtZzOY6" > /storage/citadel-state/passwd +fi diff --git a/meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/citadel.d/citadel-dconf.conf b/meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/citadel.d/citadel-dconf.conf new file mode 100644 index 0000000..f557e56 --- /dev/null +++ b/meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/citadel.d/citadel-dconf.conf @@ -0,0 +1,21 @@ +[org/gnome/desktop/interface] +cursor-theme='Paper' + +[org/gnome/settings-daemon/plugins/xsettings] +antialiasing='rgba' + +[org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9] +scrollbar-policy='never' +use-theme-colors=false +bold-color-same-as-fg=true +use-system-font=false +font='DejaVu Sans Mono 13' + +[org/gnome/terminal/legacy] +theme-variant='dark' +default-show-menubar=false + +[org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0] +binding='c' +command='/usr/libexec/citadel-realms-ui' +name='Launch Citadel Realms UI' diff --git a/meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/realms.d/initial-realm-dconf.conf b/meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/realms.d/initial-realm-dconf.conf new file mode 100644 index 0000000..7d9b6ff --- /dev/null +++ b/meta-citadel/recipes-citadel/citadel-config/files/dconf/build.d/realms.d/initial-realm-dconf.conf @@ -0,0 +1,16 @@ +[org/gnome/desktop/interface] +cursor-theme='Paper' + +[org/gnome/settings-daemon/plugins/xsettings] +antialiasing='rgba' + +[org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9] +scrollbar-policy='never' +use-theme-colors=false +bold-color-same-as-fg=true +use-system-font=false +font='DejaVu Sans Mono 13' + +[org/gnome/terminal/legacy] +theme-variant='dark' +default-show-menubar=false diff --git a/meta-citadel/recipes-citadel/citadel-config/files/gsettings/90_citadel.gschema.override b/meta-citadel/recipes-citadel/citadel-config/files/gsettings/90_citadel.gschema.override index 063303d..9396949 100644 --- a/meta-citadel/recipes-citadel/citadel-config/files/gsettings/90_citadel.gschema.override +++ b/meta-citadel/recipes-citadel/citadel-config/files/gsettings/90_citadel.gschema.override @@ -18,7 +18,7 @@ autorun-x-content-start-app=[] [org.gnome.desktop.lockdown] disable-user-switching=true - +disable-log-out=true [org.gnome.desktop.interface] cursor-theme='Paper' @@ -29,6 +29,9 @@ clock-format='12h' [org.gnome.shell] enabled-extensions=['dash-to-panel@jderose9.github.com'] +[org.gnome.settings-daemon.plugins.media-keys] +custom-keybindings=['/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/'] + [org.gnome.settings-daemon.plugins.xsettings] antialiasing='rgba' diff --git a/meta-citadel/recipes-citadel/citadel-config/files/skel/init.vim b/meta-citadel/recipes-citadel/citadel-config/files/skel/init.vim new file mode 100644 index 0000000..caba0da --- /dev/null +++ b/meta-citadel/recipes-citadel/citadel-config/files/skel/init.vim @@ -0,0 +1,30 @@ +syntax on +set hidden + +" +" Settings +" + +set noswapfile " Don't use swapfile +set splitright " Split vertical windows right to the current windows +set splitbelow " Split horizontal windows below to the current windows +set encoding=utf-8 " Set default encoding to UTF-8 +set autowrite " Automatically save before :next, :make etc. +set autoread " Automatically reread changed files without asking me anything + +set lazyredraw " Wait to redraw +set ignorecase " Search case insensitive... +set smartcase " ... but not when search pattern contains upper case characters +set ttyfast + +set termguicolors + +let &t_8f = "\[38;2;%lu;%lu;%lum" +let &t_8b = "\[48;2;%lu;%lu;%lum" + +set rtp+=/opt/share/vim + +if filereadable(expand("~/.base16vim")) + let base16colorspace=256 + source ~/.base16vim +endif diff --git a/meta-citadel/recipes-citadel/citadel-config/files/systemd/citadel-setpassword.service b/meta-citadel/recipes-citadel/citadel-config/files/systemd/citadel-setpassword.service new file mode 100644 index 0000000..c082cf5 --- /dev/null +++ b/meta-citadel/recipes-citadel/citadel-config/files/systemd/citadel-setpassword.service @@ -0,0 +1,16 @@ +[Unit] +Description=Citadel Set Password +After=storage.mount +Requires=storage.mount +After=gdm.service +ConditionPathExists=!/storage/citadel-state/passwd +ConditionKernelCommandLine=citadel.install + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart=/usr/libexec/citadel-setpassword.sh + +[Install] +WantedBy=multi-user.target +RequiredBy=graphical.target diff --git a/meta-gnome/recipes-gnome/gnome-session/gnome-session/0001-Patch-locking-logout-so-it-does-not-disable-shutting.patch b/meta-gnome/recipes-gnome/gnome-session/gnome-session/0001-Patch-locking-logout-so-it-does-not-disable-shutting.patch new file mode 100644 index 0000000..d037d4d --- /dev/null +++ b/meta-gnome/recipes-gnome/gnome-session/gnome-session/0001-Patch-locking-logout-so-it-does-not-disable-shutting.patch @@ -0,0 +1,68 @@ +From 77e6fdd36bdc562e42da57c5a753b885d57eea85 Mon Sep 17 00:00:00 2001 +From: David McKinney +Date: Fri, 12 Feb 2021 13:57:01 +0000 +Subject: [PATCH] Patch locking logout so it does not disable shutting down + +--- + gnome-session/gsm-manager.c | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +diff --git a/gnome-session/gsm-manager.c b/gnome-session/gsm-manager.c +index 6839a02..4c2e862 100644 +--- a/gnome-session/gsm-manager.c ++++ b/gnome-session/gsm-manager.c +@@ -553,10 +553,10 @@ end_phase (GsmManager *manager) + case GSM_MANAGER_PHASE_APPLICATION: + break; + case GSM_MANAGER_PHASE_RUNNING: +- if (_log_out_is_locked_down (manager)) { ++ /*if (_log_out_is_locked_down (manager)) { + g_warning ("Unable to logout: Logout has been locked down"); + start_next_phase = FALSE; +- } ++ }*/ + break; + case GSM_MANAGER_PHASE_QUERY_END_SESSION: + if (!do_query_end_session_exit (manager)) +@@ -2555,13 +2555,13 @@ gsm_manager_shutdown (GsmExportedManager *skeleton, + return TRUE; + } + +- if (_log_out_is_locked_down (manager)) { ++ /*if (_log_out_is_locked_down (manager)) { + g_dbus_method_invocation_return_error (invocation, + GSM_MANAGER_ERROR, + GSM_MANAGER_ERROR_LOCKED_DOWN, + "Logout has been locked down"); + return TRUE; +- } ++ }*/ + + task = g_task_new (manager, manager->priv->end_session_cancellable, (GAsyncReadyCallback) complete_end_session_task, invocation); + +@@ -2590,13 +2590,13 @@ gsm_manager_reboot (GsmExportedManager *skeleton, + return TRUE; + } + +- if (_log_out_is_locked_down (manager)) { ++ /*if (_log_out_is_locked_down (manager)) { + g_dbus_method_invocation_return_error (invocation, + GSM_MANAGER_ERROR, + GSM_MANAGER_ERROR_LOCKED_DOWN, + "Logout has been locked down"); + return TRUE; +- } ++ }*/ + + task = g_task_new (manager, manager->priv->end_session_cancellable, (GAsyncReadyCallback) complete_end_session_task, invocation); + +@@ -2617,8 +2617,7 @@ gsm_manager_can_shutdown (GsmExportedManager *skeleton, + + g_debug ("GsmManager: CanShutdown called"); + +- shutdown_available = !_log_out_is_locked_down (manager) && +- (gsm_system_can_stop (manager->priv->system) ++ shutdown_available = (gsm_system_can_stop (manager->priv->system) + || gsm_system_can_restart (manager->priv->system) + || gsm_system_can_suspend (manager->priv->system) + || gsm_system_can_hibernate (manager->priv->system)); diff --git a/meta-gnome/recipes-gnome/gnome-session/gnome-session_3.38.0.bb b/meta-gnome/recipes-gnome/gnome-session/gnome-session_3.38.0.bb index 98070aa..741e187 100644 --- a/meta-gnome/recipes-gnome/gnome-session/gnome-session_3.38.0.bb +++ b/meta-gnome/recipes-gnome/gnome-session/gnome-session_3.38.0.bb @@ -24,7 +24,10 @@ REQUIRED_DISTRO_FEATURES = "x11 systemd pam gobject-introspection-data" SRC_URI[archive.md5sum] = "736024b46e2542b9b68adaa43f754f49" SRC_URI[archive.sha256sum] = "7bcc0eb2cdba4b3f6d1b459b3a30873b7bb65b383c1f6a5f63c3e3b5c7943d67" -SRC_URI += " file://0001-Disable-sharing-and-usb-protection-add-systemd-to-de.patch" +SRC_URI += " \ + file://0001-Patch-locking-logout-so-it-does-not-disable-shutting.patch \ + file://0001-Disable-sharing-and-usb-protection-add-systemd-to-de.patch \ +" EXTRA_OEMESON += "-Dsystemd=true -Dsystemd_journal=true -Ddocbook=false -Dman=false" FILES_${PN} += " \ diff --git a/meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0001-Remove-log-out-label-from-power-off-in-status-UI.patch b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0001-Remove-log-out-label-from-power-off-in-status-UI.patch new file mode 100644 index 0000000..0853221 --- /dev/null +++ b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0001-Remove-log-out-label-from-power-off-in-status-UI.patch @@ -0,0 +1,22 @@ +From 38a41a143b97b7dcf0512d6509e61d11582e681d Mon Sep 17 00:00:00 2001 +From: David McKinney +Date: Fri, 12 Feb 2021 13:58:36 +0000 +Subject: [PATCH] Remove log out label from power off in status UI + +--- + js/ui/status/system.js | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/js/ui/status/system.js b/js/ui/status/system.js +index 6f71109..b96780c 100644 +--- a/js/ui/status/system.js ++++ b/js/ui/status/system.js +@@ -113,7 +113,7 @@ class Indicator extends PanelMenu.SystemIndicator { + bindFlags); + + this._sessionSubMenu = new PopupMenu.PopupSubMenuMenuItem( +- _('Power Off / Log Out'), true); ++ _('Power Off'), true); + this._sessionSubMenu.icon.icon_name = 'system-shutdown-symbolic'; + + item = new PopupMenu.PopupMenuItem(_('Suspend')); diff --git a/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_3.38.3.bb b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_3.38.3.bb index bc06bbd..a74b70a 100644 --- a/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_3.38.3.bb +++ b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_3.38.3.bb @@ -15,6 +15,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@gnome_verdir("${PV}")}/${GNOMEBN}-${PV} file://0001-Disabled-calendar-events-from-user-session.patch \ file://0001-do-not-use-python-path-from-build-environment.patch \ file://0001-Remove-calendar-server-fix-build.patch \ + file://0001-Remove-log-out-label-from-power-off-in-status-UI.patch \ " DEPENDS = " \