#!/bin/sh
#
# ident "$Id$ SMI"
#
#*******************************************************************************
#
# Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
#*******************************************************************************
#

#
## gdm is structured in such a way that it launches a greeter regardless of
## whether or not one is actually needed. This is problematic in the Kiosk
## case where it results in the greeter appearing ( usually for a short period
## of time ) before Kiosk completes PAM authentication. This in turn provides
## temporary access to all the greeter's functionality e.g. changing locale,
## rebooting the machine etc.
##
## kioskgreeter is provided to avoid the possible issues with the greeter being
## displayed during Kiosk authentication. kioskgreeter will 
##  . launch the "real" greeter if Kiosk is not enabled for the current display
##  . consume gdm requests ( to avoid displaying the "real" greeter ) if
##    Kiosk is enabled for the current display
##  . force gdm to start an alternative greeter if Kiosk authentication fails
#

theModule=kiosk:kioskgreeter
theDefaultGreeter=/usr/bin/gdmgreeter

#
## processGDMInput acts as a fake gdm greeter. It consumes gdm requests and
## respond appropriately. The only request not handled is a GDM_RESET. GDM_RESET
## is sent after an authentication error has occurred. We use this request
## to identify the situation where Kiosk authentication has failed. In this case
## we exit with a non zero exit code. This forces gdm to indicate that an
## error occurred and that a different ( gdmlogin ) greeter will be started.
#
processGDMInput()
{
 inModule=$1
 #
 ## From gdm.h
 #
 gdmStx=2
 gdmQuit=P
 gdmSess=G
 gdmReset=A

 theRC=0
 while read theRequest ; do
  theResponse=`echo $theRequest |
  awk '{
   theCommand=substr($0,2,1)
   theArg=substr($0,3)
   if ( theCommand == gdmQuit ) { printf( "%s\n", gdmQuit ) }
   else {
    outArg=""
    if ( theCommand == gdmReset ) { printf( "%s\n", gdmReset ) }
    else {
     if ( theCommand == gdmSess ) { outArg=theArg }
     printf( "%c%s\n", gdmStx, outArg )
    }
   }
  }' gdmStx=$gdmStx gdmQuit=$gdmQuit gdmSess=$gdmSess gdmReset=$gdmReset`
  if [ $theResponse = $gdmQuit ] ; then
   break
  elif [ $theResponse = $gdmReset ] ; then
   theRC=1
   logDebug -m $inModule -l "Error: Kiosk authentication failed"
   break
  else
   echo $theResponse
  fi
 done
 return $theRC
}

#
## Load utilities and setup basic Kiosk Environment
#
theUtilsFile=/opt/SUNWkio/lib/utils.sh
if [ ! -r $theUtilsFile ] ; then
 logger -i -p user.debug -t $theModule \
        "Error: can't read Kiosk utils file '$theUtilsFile'"
 exit 1
else
 . $theUtilsFile
 if [ $? -ne 0 ] ; then
  logger -i -p user.debug -t $theModule \
         "Error: failed to load Kiosk utils file '$theUtilsFile'"
  exit 1
 fi
fi

if [ $# -eq 0 ] ; then
 theGreeter=$theDefaultGreeter
else
 theGreeter=$@
fi

KIOSK_ENABLED=no
if [ -f ${KIOSK_VAR_DIR}/config/$DISPLAY ] ; then
 . ${KIOSK_VAR_DIR}/config/$DISPLAY
fi

if [ $KIOSK_ENABLED = "no" ] ; then
 logDebug -m $theModule -l "starting greeter '$theGreeter'"
 $theGreeter
 theRC=$?
else
 logDebug -m $theModule -l "processing gdm input"
 processGDMInput $theModule
 theRC=$?
fi
exit $theRC
