SDTLOGIN interface

[Alan Coopersmith]

Xavier Toth wrote:
> All I actually know about SDTLOGIN is the little blurb I read in the
> GDM docs. So could I please get a little background like what exactly
> it is/how it works? By chance is there a patch that includes it?

When the X server starts, it creates a named pipe (aka fifo) in a
directory writable only by root.  The display manager opens the other
end of this pipe for writing.   Once it's displayed the login screen
and authenticated a user, the display manager writes a series of
key value pairs over the pipe such as:
	
       UID="123" GID="10";
       G_LIST_ID="1" G_LIST_ID="2" G_LIST_ID="3";
       HOME="/home/bob" EOF="";

Once it sees the EOF="" token, the Xserver closes the pipe and
processes the other pairs - approximately:
	setregid(GID)
	setgroups(G_LIST_ID list)
	chown(server-auth-file, UID)
	setreuid(UID)
	chdir(HOME)

The code currently used in Solaris Xorg 1.3 is the combination of:
http://src.opensolaris.org/source/xref/fox/fox-gate/XW_NV/open-src/xserver/xorg/dtlogin-userinfo.patch
http://src.opensolaris.org/source/xref/fox/fox-gate/XW_NV/open-src/xserver/xorg/sun-src/os/dtlogin.c

[I recently pushed a newer version of that file with fixes & cleanups,
 but the web view is out of sync - the latest should be available via
 the Mercurial gate at ssh://anon@hg.opensolaris.org/hg/fox/fox-gate .]
	
It currently has some minor Solarisism's, such as the support of
Solaris project id's (used for accounting to aggregate information
from users into their project groups), but shouldn't be hard to
make generic.

(The sdtlogin name is because this was originally written for the
 Solaris version of CDE's dtlogin display manager, though as you've
 seen, has later been ported to gdm - I've wondered if a more
 generic name would be better when contributing to Xorg or if we
 should just retcon it to something like "Secure DeskTop Login".)

-- 
	-Alan Coopersmith-           alan.coopersmith at sun.com
	 Sun Microsystems, Inc. - X Window System Engineering