From 6636cbff81061bc270e4d21659fa3fba8eb3c87b Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Fri, 12 Apr 2013 18:44:55 +0200 Subject: Create installation script using distutils --- .gitignore | 1 + LockWindow.py | 168 ---------------------------------------- Locker.py | 73 ------------------ Selection.py | 66 ---------------- bin/pylock | 5 ++ etc/pylock.conf | 4 + pam.py | 170 ----------------------------------------- po/de.po | 26 +++---- po/pylock.pot | 26 +++---- pylock.py | 129 ------------------------------- pylock/LockWindow.py | 172 +++++++++++++++++++++++++++++++++++++++++ pylock/Locker.py | 73 ++++++++++++++++++ pylock/Main.py | 126 ++++++++++++++++++++++++++++++ pylock/Selection.py | 66 ++++++++++++++++ pylock/__init__.py | 0 pylock/data/bg.svg | 208 ++++++++++++++++++++++++++++++++++++++++++++++++++ pylock/data/unlock.ui | 166 ++++++++++++++++++++++++++++++++++++++++ pylock/pam.py | 170 +++++++++++++++++++++++++++++++++++++++++ setup.py | 29 +++++++ unlock.ui | 166 ---------------------------------------- 20 files changed, 1046 insertions(+), 798 deletions(-) delete mode 100644 LockWindow.py delete mode 100644 Locker.py delete mode 100644 Selection.py create mode 100755 bin/pylock create mode 100644 etc/pylock.conf delete mode 100644 pam.py delete mode 100644 pylock.py create mode 100644 pylock/LockWindow.py create mode 100644 pylock/Locker.py create mode 100644 pylock/Main.py create mode 100644 pylock/Selection.py create mode 100644 pylock/__init__.py create mode 100644 pylock/data/bg.svg create mode 100644 pylock/data/unlock.ui create mode 100644 pylock/pam.py create mode 100755 setup.py delete mode 100644 unlock.ui diff --git a/.gitignore b/.gitignore index 9b5e2e8..41f3d6d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *~ __pycache__ +/build diff --git a/LockWindow.py b/LockWindow.py deleted file mode 100644 index a3afcc9..0000000 --- a/LockWindow.py +++ /dev/null @@ -1,168 +0,0 @@ -# Copyright (c) 2012, Matthias Schiffer -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, -# this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright notice, -# this list of conditions and the following disclaimer in the documentation -# and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -import sys -import locale - -from gi.repository import Gtk, Gdk, GObject, GLib - - -_ = locale.gettext - - -class LockWindow(Gtk.Window): - __gsignals__ = { - 'logout': (GObject.SIGNAL_RUN_FIRST, None, ()), - 'tryUnlock': (GObject.SIGNAL_RUN_FIRST, None, (str,)) - } - - def __init__(self): - Gtk.Window.__init__(self) - - self.display = Gdk.Display.get_default() - self.screen = self.display.get_default_screen() - self.devicesGrabbed = False - - self.overlay = Gtk.Overlay() - self.add(self.overlay) - - self.bg = Gtk.Image.new_from_file("bg.svg") - self.overlay.add(self.bg) - - self.realize() - self.get_window().set_override_redirect(True) - - self.set_default_size(self.screen.get_width(), self.screen.get_height()) - - self.set_has_resize_grip(False) - - builder = Gtk.Builder() - - if not builder.add_from_file("unlock.ui"): - sys.exit(1) - - self.unlockWindow = builder.get_object('unlock_window') - self.lockLabel = builder.get_object('lock_label') - self.promptEntry = builder.get_object('prompt_entry') - self.messageLabel = builder.get_object('message_label') - self.logoutButton = builder.get_object('logout_button') - self.unlockButton = builder.get_object('unlock_button') - - self.overlay.add_overlay(self.unlockWindow) - - self.connect('delete-event', lambda w, e: True) - - self.promptEntry.connect('activate', lambda w: self._tryUnlock()) - self.logoutButton.connect('clicked', lambda w: self._logout()) - self.unlockButton.connect('clicked', lambda w: self._tryUnlock()) - - self.reset(False, True) - - self.deviceManager = self.display.get_device_manager() - - self.connect('map-event', self._grabDevices) - self.connect('configure-event', lambda w, e: self.get_window().move_resize(0, 0, self.screen.get_width(), self.screen.get_height()) and False) - - def _logout(self): - self.promptEntry.set_sensitive(False) - self.unlockButton.set_sensitive(False) - self.logoutButton.set_sensitive(False) - GLib.idle_add(lambda: self.emit('logout')) - - def _tryUnlock(self): - self.promptEntry.set_sensitive(False) - self.unlockButton.set_sensitive(False) - self.logoutButton.set_sensitive(False) - GLib.idle_add(lambda: self.emit('tryUnlock', self.promptEntry.get_text())) - - def _update(self): - self.promptEntry.set_sensitive(self._enablePromptEntry) - self.logoutButton.set_sensitive(self._enableLogoutButton) - self.unlockButton.set_sensitive(self._enableUnlockButton) - - def reset(self, regrab = True, resetButtons = False): - if resetButtons: - self._enablePromptEntry = True - self._enableLogoutButton = False - self._enableUnlockButton = True - - self.promptEntry.set_text('') - self.messageLabel.set_label('') - self._update() - - if regrab: - self._grabDevices(None, None) - - def updateLockMessage(self, username, logoutTime = None): - if logoutTime is None: - self.lockLabel.set_markup(_('This computer is currently locked by the user {username}.').format(username=GLib.markup_escape_text(username))) - self._enableLogoutButton = False - elif logoutTime > 0: - self.lockLabel.set_markup( - _('This computer is currently locked by the user {username}.\nThe user can be logged out in {minutes:02}:{seconds:02} minutes.').format( - username=GLib.markup_escape_text(username), minutes=logoutTime//60, seconds=logoutTime%60)) - self._enableLogoutButton = False - else: - self.lockLabel.set_markup( - _('This computer is currently locked by the user {username}.\nThe user can be logged out now.').format( - username=GLib.markup_escape_text(username))) - self._enableLogoutButton = True - self._update() - - def setAuthMessage(self, message): - self.messageLabel.set_label(message) - - def _grabDevices(self, w, e): - self.promptEntry.grab_focus() - - if not self.devicesGrabbed: - for device in self.deviceManager.list_devices(Gdk.DeviceType.MASTER): - if device.grab(self.get_window(), Gdk.GrabOwnership.APPLICATION, True, Gdk.EventMask.ALL_EVENTS_MASK, None, Gdk.CURRENT_TIME) != Gdk.GrabStatus.SUCCESS: - self._ungrabDevices() - self.get_window().lower() - return False - - self.present() - - self.devicesGrabbed = True - - return False - - def _ungrabDevices(self): - for device in self.deviceManager.list_devices(Gdk.DeviceType.MASTER): - device.ungrab(Gdk.CURRENT_TIME) - self.devicesGrabbed = False - - def lock(self): - self.show_all() - self.display.sync() - self._grabDevices(self, None) - return self.devicesGrabbed - - def unlock(self): - self._ungrabDevices() - - self.hide() - - self.reset(False, True) diff --git a/Locker.py b/Locker.py deleted file mode 100644 index 5243609..0000000 --- a/Locker.py +++ /dev/null @@ -1,73 +0,0 @@ -# Copyright (c) 2012, Matthias Schiffer -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, -# this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright notice, -# this list of conditions and the following disclaimer in the documentation -# and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -from gi.repository import Gtk, GLib - - -class Locker(object): - def __init__(self, doLock, doUnlock, logoutTimeout = None, doLogout = None, updateLogoutTimeout = None): - self.locked = False - self.logoutTimeout = logoutTimeout - self.doLock = doLock - self.doUnlock = doUnlock - self.doLogout = doLogout - self.updateLogoutTimeout = updateLogoutTimeout - - def _checkLogout(self): - if not self.locked: - return False - - self.currentLogoutTimeout = self.currentLogoutTimeout - 1 - if self.updateLogoutTimeout is not None: - self.updateLogoutTimeout(self.currentLogoutTimeout) - - return self.currentLogoutTimeout > 0 - - def lock(self): - if not self.locked: - self.locked = True - if not self.doLock(self.logoutTimeout): - self.locked = False - GLib.timeout_add_seconds(1, self.lock) - return False - - if self.doLogout is not None: - self.currentLogoutTimeout = self.logoutTimeout - - if self.currentLogoutTimeout > 0: - GLib.timeout_add_seconds(1, self._checkLogout) - - return True - - def unlock(self): - if self.locked: - self.doUnlock() - self.locked = False - - def _canLogout(self): - return (self.locked and self.doLogout is not None and self.currentLogoutTimeout <= 0) - - def logout(self): - if self._canLogout(): - self.doLogout() diff --git a/Selection.py b/Selection.py deleted file mode 100644 index 11a7285..0000000 --- a/Selection.py +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright (c) 2012-2013, Matthias Schiffer -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, -# this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright notice, -# this list of conditions and the following disclaimer in the documentation -# and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -import ctypes -import ctypes.util - -from gi.repository import Gdk, GdkX11 - - -XEvent_p = ctypes.c_void_p -display_p = ctypes.c_void_p -xid = ctypes.c_ulong -x11_bool = ctypes.c_int -x11_time = ctypes.c_ulong -status = ctypes.c_int - - -libX11 = ctypes.util.find_library('X11') -if libX11 == None: - raise OSError('libX11 could not be found.') -libX11 = ctypes.cdll.LoadLibrary(libX11) - -libX11.XSetSelectionOwner.argtypes = display_p, xid, xid, x11_time -libX11.XSetSelectionOwner.restype = ctypes.c_int -libX11.XGetSelectionOwner.argtypes = display_p, xid -libX11.XGetSelectionOwner.restype = xid - - -display = Gdk.Display.get_default() -dpy_p = display_p(hash(GdkX11.X11Display.get_xdisplay(display))) -atomPylockWindow = GdkX11.x11_get_xatom_by_name("PYLOCK_WINDOW") - - -def get(): - return libX11.XGetSelectionOwner(dpy_p, atomPylockWindow) - -def acquire(window): - if get() != 0: - return False - - window.realize() - xid = GdkX11.X11Window.get_xid(window.get_window()) - libX11.XSetSelectionOwner(dpy_p, atomPylockWindow, xid, 0) - - return (get() == xid) diff --git a/bin/pylock b/bin/pylock new file mode 100755 index 0000000..88652cd --- /dev/null +++ b/bin/pylock @@ -0,0 +1,5 @@ +#!/usr/bin/env python3 + +from pylock import Main + +Main.main() diff --git a/etc/pylock.conf b/etc/pylock.conf new file mode 100644 index 0000000..13c18f2 --- /dev/null +++ b/etc/pylock.conf @@ -0,0 +1,4 @@ +[pylock] +#theme = Adwaita +#logout_timeout = 600 +#logout_command = xfce4-session-logout -l diff --git a/pam.py b/pam.py deleted file mode 100644 index d72489d..0000000 --- a/pam.py +++ /dev/null @@ -1,170 +0,0 @@ -# (c) 2007 Chris AtLee -# Licensed under the MIT license: -# http://www.opensource.org/licenses/mit-license.php -""" -PAM module for python - -Provides an authenticate function that will allow the caller to authenticate -a user against the Pluggable Authentication Modules (PAM) on the system. - -Implemented using ctypes, so no compilation is necessary. - ---- -modified to work [better] with python3.2, 2011-12-6, david ford, -i haven't paid any attention to making sure things work in python2. there may be -problems in my_conv() ---- -Just some encoding fixes for python3, 2012-01-27 Matthias Schiffer -""" - -import sys -import locale -if sys.version_info >= (3,): - py3k = True -else: - py3k = False - -from ctypes import CDLL, POINTER, Structure, CFUNCTYPE, cast, pointer, sizeof -from ctypes import c_void_p, c_uint, c_char_p, c_char, c_int -from ctypes import memmove -from ctypes.util import find_library - -class PamHandle(Structure): - """wrapper class for pam_handle_t""" - _fields_ = [ - ("handle", c_void_p) - ] - - def __init__(self): - Structure.__init__(self) - self.handle = 0 - -class PamMessage(Structure): - """wrapper class for pam_message structure""" - _fields_ = [ - ("msg_style", c_int), - ("msg", c_char_p), - ] - - def __repr__(self): - return "" % (self.msg_style, self.msg) - -class PamResponse(Structure): - """wrapper class for pam_response structure""" - _fields_ = [ - ("resp", c_char_p), - ("resp_retcode", c_int), - ] - - def __repr__(self): - return "" % (self.resp_retcode, self.resp) - -CONV_FUNC = CFUNCTYPE( - c_int, - c_int, - POINTER(POINTER(PamMessage)), - POINTER(POINTER(PamResponse)), - c_void_p) - -class PamConv(Structure): - """wrapper class for pam_conv structure""" - _fields_ = [ - ("conv", CONV_FUNC), - ("appdata_ptr", c_void_p) - ] - -# Various constants -PAM_PROMPT_ECHO_OFF = 1 -PAM_PROMPT_ECHO_ON = 2 -PAM_ERROR_MSG = 3 -PAM_TEXT_INFO = 4 - -LIBC = CDLL(find_library("c")) -LIBPAM = CDLL(find_library("pam")) - -CALLOC = LIBC.calloc -CALLOC.restype = c_void_p -CALLOC.argtypes = [c_uint, c_uint] - -PAM_START = LIBPAM.pam_start -PAM_START.restype = c_int -PAM_START.argtypes = [c_char_p, c_char_p, POINTER(PamConv), POINTER(PamHandle)] - -PAM_STRERROR = LIBPAM.pam_strerror -PAM_STRERROR.restype = c_char_p -PAM_STRERROR.argtypes = [POINTER(PamHandle), c_int] - -PAM_AUTHENTICATE = LIBPAM.pam_authenticate -PAM_AUTHENTICATE.restype = c_int -PAM_AUTHENTICATE.argtypes = [PamHandle, c_int] - -class pam(): - code = 0 - reason = None - - def __init__(self): - pass - - def authenticate(self, username, password, service='login'): - """username and password authenticate for the given service. - - Returns True for success, or False. self.code is the integer - value representing the numerice failure reason, or 0 on success. - self.reason is the textual reason. - - Python3 expects bytes() for ctypes inputs. This function will make - necessary conversions using the latin-1 coding. - - username: the username to authenticate - password: the password in plain text - service: the PAM service to authenticate against. - Defaults to 'login' """ - - @CONV_FUNC - def my_conv(n_messages, messages, p_response, app_data): - """Simple conversation function that responds to any - prompt where the echo is off with the supplied password""" - # Create an array of n_messages response objects - addr = CALLOC(n_messages, sizeof(PamResponse)) - p_response[0] = cast(addr, POINTER(PamResponse)) - for i in range(n_messages): - if messages[i].contents.msg_style == PAM_PROMPT_ECHO_OFF: - cs = c_char_p(password) - dst = CALLOC(sizeof(c_char_p), len(password)+1) - memmove(dst , cs, len(password)) - p_response.contents[i].resp = dst - p_response.contents[i].resp_retcode = 0 - return 0 - - # python3 ctypes prefers bytes, pretend everyone will be happy using latin-1 - if py3k: - if isinstance(username, str): - username = bytes(username, locale.getpreferredencoding()) - if isinstance(password, str): - password = bytes(password, locale.getpreferredencoding()) - if isinstance(service, str): - service = bytes(service, locale.getpreferredencoding()) - - handle = PamHandle() - conv = PamConv(my_conv, 0) - retval = PAM_START(service, username, pointer(conv), pointer(handle)) - - if retval != 0: - # This is not an authentication error, something has gone wrong starting up PAM - self.code = retval - self.reason = str(PAM_STRERROR(pointer(handle), retval), locale.getpreferredencoding()) - return False - - retval = PAM_AUTHENTICATE(handle, 0) - - if retval == 0: - # success - logic = True - else: - logic = False - - # store information to inform the caller why we failed - self.code = retval - self.reason = str(PAM_STRERROR(pointer(handle), retval), locale.getpreferredencoding()) - - return logic diff --git a/po/de.po b/po/de.po index 9320df1..d5a83ba 100644 --- a/po/de.po +++ b/po/de.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: pylock 0.1\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2012-02-01 19:25+0100\n" +"POT-Creation-Date: 2013-04-12 16:37+0200\n" "PO-Revision-Date: 2012-02-01 19:30+0100\n" "Last-Translator: Matthias Schiffer \n" "Language-Team: German \n" @@ -16,19 +16,11 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -#: unlock.ui:115 unlock.ui:113 -msgid "Unlock" -msgstr "Entsperren" - -#: unlock.ui:132 unlock.ui:129 -msgid "Logout" -msgstr "Ausloggen" - -#: LockWindow.py:69 +#: ../pylock/LockWindow.py:119 msgid "This computer is currently locked by the user {username}." msgstr "Dieser Computer ist zur Zeit vom Benutzer {username} gesperrt." -#: LockWindow.py:73 +#: ../pylock/LockWindow.py:123 msgid "" "This computer is currently locked by the user {username}.\n" "The user can be logged out in {minutes:02}:{seconds:02} minutes." @@ -36,7 +28,7 @@ msgstr "" "Dieser Computer ist zur Zeit vom Benutzer {username} gesperrt.\n" "Der Benutzer kann in {minutes:02}:{seconds:02} Minuten ausgeloggt werden." -#: LockWindow.py:78 +#: ../pylock/LockWindow.py:128 msgid "" "This computer is currently locked by the user {username}.\n" "The user can be logged out now." @@ -44,6 +36,14 @@ msgstr "" "Dieser Computer ist zur Zeit vom Benutzer {username} gesperrt.\n" "Der Benutzer kann jetzt ausgeloggt werden." -#: unlock.ui:63 +#: ../unlock.ui.h:1 msgid "Password:" msgstr "Passwort:" + +#: ../unlock.ui.h:2 +msgid "Unlock" +msgstr "Entsperren" + +#: ../unlock.ui.h:3 +msgid "Logout" +msgstr "Ausloggen" diff --git a/po/pylock.pot b/po/pylock.pot index 0cb9ab8..1a5dcd9 100644 --- a/po/pylock.pot +++ b/po/pylock.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2012-02-01 19:25+0100\n" +"POT-Creation-Date: 2013-04-12 18:43+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -17,30 +17,30 @@ msgstr "" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" -#: unlock.ui:115 unlock.ui:113 -msgid "Unlock" -msgstr "" - -#: unlock.ui:132 unlock.ui:129 -msgid "Logout" -msgstr "" - -#: LockWindow.py:69 +#: ../pylock/LockWindow.py:123 msgid "This computer is currently locked by the user {username}." msgstr "" -#: LockWindow.py:73 +#: ../pylock/LockWindow.py:127 msgid "" "This computer is currently locked by the user {username}.\n" "The user can be logged out in {minutes:02}:{seconds:02} minutes." msgstr "" -#: LockWindow.py:78 +#: ../pylock/LockWindow.py:132 msgid "" "This computer is currently locked by the user {username}.\n" "The user can be logged out now." msgstr "" -#: unlock.ui:63 +#: ../pylock/data/unlock.ui.h:1 msgid "Password:" msgstr "" + +#: ../pylock/data/unlock.ui.h:2 +msgid "Unlock" +msgstr "" + +#: ../pylock/data/unlock.ui.h:3 +msgid "Logout" +msgstr "" diff --git a/pylock.py b/pylock.py deleted file mode 100644 index 32e9149..0000000 --- a/pylock.py +++ /dev/null @@ -1,129 +0,0 @@ -#!/usr/bin/env python3 - - -# Copyright (c) 2012, Matthias Schiffer -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, -# this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright notice, -# this list of conditions and the following disclaimer in the documentation -# and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -import signal -import sys -import os -import pwd -import locale -import configparser - -from gi.repository import Gtk, GLib - -from Locker import Locker -from LockWindow import LockWindow -import Selection -import pam - - -CONFIG_FILE = '/etc/pylock.conf' - - -_ = locale.gettext - - -configParser = configparser.ConfigParser() -configParser.read_file(open(CONFIG_FILE)) - -config = configParser['pylock'] -username = pwd.getpwuid(os.getuid())[0] - - -def handler(signum, frame): - Gtk.main_quit() - - -signal.signal(signal.SIGINT, handler) -signal.signal(signal.SIGTERM, handler) -signal.signal(signal.SIGQUIT, handler) - - -locale.setlocale(locale.LC_ALL, '') -locale.textdomain('pylock') - -Gtk.Settings.get_default().set_property('gtk-theme-name', config['theme']) - - -def waitForSelection(): - if Selection.get() != 0: - return True - - Gtk.main_quit() - return False - -if Selection.get() != 0: - GLib.timeout_add_seconds(1, waitForSelection) - Gtk.main() - exit(0) - - -window = LockWindow() - -if not Selection.acquire(window): - print('Unable to register pylock at X server', file=sys.stderr) - exit(1) - - -def lock(timeLeft): - window.updateLockMessage(username, timeLeft) - return window.lock() - -def logout(): - try: - os.system(config['logout_command']) - except: - pass - - window.reset(False) - -def updateTimeout(timeLeft): - window.updateLockMessage(username, timeLeft) - -if not ('logout_timeout' in config and 'logout_command' in config): - locker = Locker(lock, window.unlock) -else: - locker = Locker(lock, window.unlock, int(config['logout_timeout']), logout, updateTimeout) - -pamAuth = pam.pam() - -def tryUnlock(w, password): - if pamAuth.authenticate(username, password): - locker.unlock() - Gtk.main_quit() - else: - window.reset() - window.setAuthMessage(pamAuth.reason) - - return True - - -window.connect('logout', lambda w: locker.logout()) -window.connect('tryUnlock', tryUnlock) - -GLib.idle_add(lambda: locker.lock()) - -Gtk.main() diff --git a/pylock/LockWindow.py b/pylock/LockWindow.py new file mode 100644 index 0000000..bb4d0e4 --- /dev/null +++ b/pylock/LockWindow.py @@ -0,0 +1,172 @@ +# Copyright (c) 2012, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +import sys +import os +import locale + +from gi.repository import Gtk, Gdk, GObject, GLib + + +_ = locale.gettext + + +PACKAGE_DIR = os.path.dirname(__file__) + + +class LockWindow(Gtk.Window): + __gsignals__ = { + 'logout': (GObject.SIGNAL_RUN_FIRST, None, ()), + 'tryUnlock': (GObject.SIGNAL_RUN_FIRST, None, (str,)) + } + + def __init__(self): + Gtk.Window.__init__(self) + + self.display = Gdk.Display.get_default() + self.screen = self.display.get_default_screen() + self.devicesGrabbed = False + + self.overlay = Gtk.Overlay() + self.add(self.overlay) + + self.bg = Gtk.Image.new_from_file(os.path.join(PACKAGE_DIR, 'data/bg.svg')) + self.overlay.add(self.bg) + + self.realize() + self.get_window().set_override_redirect(True) + + self.set_default_size(self.screen.get_width(), self.screen.get_height()) + + self.set_has_resize_grip(False) + + builder = Gtk.Builder() + + if not builder.add_from_file(os.path.join(PACKAGE_DIR, 'data/unlock.ui')): + sys.exit(1) + + self.unlockWindow = builder.get_object('unlock_window') + self.lockLabel = builder.get_object('lock_label') + self.promptEntry = builder.get_object('prompt_entry') + self.messageLabel = builder.get_object('message_label') + self.logoutButton = builder.get_object('logout_button') + self.unlockButton = builder.get_object('unlock_button') + + self.overlay.add_overlay(self.unlockWindow) + + self.connect('delete-event', lambda w, e: True) + + self.promptEntry.connect('activate', lambda w: self._tryUnlock()) + self.logoutButton.connect('clicked', lambda w: self._logout()) + self.unlockButton.connect('clicked', lambda w: self._tryUnlock()) + + self.reset(False, True) + + self.deviceManager = self.display.get_device_manager() + + self.connect('map-event', self._grabDevices) + self.connect('configure-event', lambda w, e: self.get_window().move_resize(0, 0, self.screen.get_width(), self.screen.get_height()) and False) + + def _logout(self): + self.promptEntry.set_sensitive(False) + self.unlockButton.set_sensitive(False) + self.logoutButton.set_sensitive(False) + GLib.idle_add(lambda: self.emit('logout')) + + def _tryUnlock(self): + self.promptEntry.set_sensitive(False) + self.unlockButton.set_sensitive(False) + self.logoutButton.set_sensitive(False) + GLib.idle_add(lambda: self.emit('tryUnlock', self.promptEntry.get_text())) + + def _update(self): + self.promptEntry.set_sensitive(self._enablePromptEntry) + self.logoutButton.set_sensitive(self._enableLogoutButton) + self.unlockButton.set_sensitive(self._enableUnlockButton) + + def reset(self, regrab = True, resetButtons = False): + if resetButtons: + self._enablePromptEntry = True + self._enableLogoutButton = False + self._enableUnlockButton = True + + self.promptEntry.set_text('') + self.messageLabel.set_label('') + self._update() + + if regrab: + self._grabDevices(None, None) + + def updateLockMessage(self, username, logoutTime = None): + if logoutTime is None: + self.lockLabel.set_markup(_('This computer is currently locked by the user {username}.').format(username=GLib.markup_escape_text(username))) + self._enableLogoutButton = False + elif logoutTime > 0: + self.lockLabel.set_markup( + _('This computer is currently locked by the user {username}.\nThe user can be logged out in {minutes:02}:{seconds:02} minutes.').format( + username=GLib.markup_escape_text(username), minutes=logoutTime//60, seconds=logoutTime%60)) + self._enableLogoutButton = False + else: + self.lockLabel.set_markup( + _('This computer is currently locked by the user {username}.\nThe user can be logged out now.').format( + username=GLib.markup_escape_text(username))) + self._enableLogoutButton = True + self._update() + + def setAuthMessage(self, message): + self.messageLabel.set_label(message) + + def _grabDevices(self, w, e): + self.promptEntry.grab_focus() + + if not self.devicesGrabbed: + for device in self.deviceManager.list_devices(Gdk.DeviceType.MASTER): + if device.grab(self.get_window(), Gdk.GrabOwnership.APPLICATION, True, Gdk.EventMask.ALL_EVENTS_MASK, None, Gdk.CURRENT_TIME) != Gdk.GrabStatus.SUCCESS: + self._ungrabDevices() + self.get_window().lower() + return False + + self.present() + + self.devicesGrabbed = True + + return False + + def _ungrabDevices(self): + for device in self.deviceManager.list_devices(Gdk.DeviceType.MASTER): + device.ungrab(Gdk.CURRENT_TIME) + self.devicesGrabbed = False + + def lock(self): + self.show_all() + self.display.sync() + self._grabDevices(self, None) + return self.devicesGrabbed + + def unlock(self): + self._ungrabDevices() + + self.hide() + + self.reset(False, True) diff --git a/pylock/Locker.py b/pylock/Locker.py new file mode 100644 index 0000000..5243609 --- /dev/null +++ b/pylock/Locker.py @@ -0,0 +1,73 @@ +# Copyright (c) 2012, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +from gi.repository import Gtk, GLib + + +class Locker(object): + def __init__(self, doLock, doUnlock, logoutTimeout = None, doLogout = None, updateLogoutTimeout = None): + self.locked = False + self.logoutTimeout = logoutTimeout + self.doLock = doLock + self.doUnlock = doUnlock + self.doLogout = doLogout + self.updateLogoutTimeout = updateLogoutTimeout + + def _checkLogout(self): + if not self.locked: + return False + + self.currentLogoutTimeout = self.currentLogoutTimeout - 1 + if self.updateLogoutTimeout is not None: + self.updateLogoutTimeout(self.currentLogoutTimeout) + + return self.currentLogoutTimeout > 0 + + def lock(self): + if not self.locked: + self.locked = True + if not self.doLock(self.logoutTimeout): + self.locked = False + GLib.timeout_add_seconds(1, self.lock) + return False + + if self.doLogout is not None: + self.currentLogoutTimeout = self.logoutTimeout + + if self.currentLogoutTimeout > 0: + GLib.timeout_add_seconds(1, self._checkLogout) + + return True + + def unlock(self): + if self.locked: + self.doUnlock() + self.locked = False + + def _canLogout(self): + return (self.locked and self.doLogout is not None and self.currentLogoutTimeout <= 0) + + def logout(self): + if self._canLogout(): + self.doLogout() diff --git a/pylock/Main.py b/pylock/Main.py new file mode 100644 index 0000000..7a2cbb9 --- /dev/null +++ b/pylock/Main.py @@ -0,0 +1,126 @@ +#!/usr/bin/env python3 + + +# Copyright (c) 2012, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +import signal +import sys +import os +import pwd +import locale +import configparser + +from gi.repository import Gtk, GLib + +from .Locker import Locker +from .LockWindow import LockWindow +from . import Selection +from . import pam + + +CONFIG_FILE = '/etc/pylock.conf' + + +_ = locale.gettext + + +def main(): + configParser = configparser.ConfigParser() + configParser.read_file(open(CONFIG_FILE)) + + config = configParser['pylock'] + username = pwd.getpwuid(os.getuid())[0] + + def signalHandler(signum, frame): + Gtk.main_quit() + + signal.signal(signal.SIGINT, signalHandler) + signal.signal(signal.SIGTERM, signalHandler) + signal.signal(signal.SIGQUIT, signalHandler) + + locale.setlocale(locale.LC_ALL, '') + locale.textdomain('pylock') + + if 'theme' in config: + Gtk.Settings.get_defalt().set_property('gtk-theme-name', config['theme']) + + def waitForSelection(): + if Selection.get() != 0: + return True + + Gtk.main_quit() + return False + + + if Selection.get() != 0: + GLib.timeout_add_seconds(1, waitForSelection) + Gtk.main() + sys.exit(0) + + window = LockWindow() + + if not Selection.acquire(window): + print('Unable to register pylock at X server', file=sys.stderr) + sys.exit(1) + + + def lock(timeLeft): + window.updateLockMessage(username, timeLeft) + return window.lock() + + def logout(): + try: + os.system(config['logout_command']) + except: + pass + + window.reset(False) + + def updateTimeout(timeLeft): + window.updateLockMessage(username, timeLeft) + + if not ('logout_timeout' in config and 'logout_command' in config): + locker = Locker(lock, window.unlock) + else: + locker = Locker(lock, window.unlock, int(config['logout_timeout']), logout, updateTimeout) + + pamAuth = pam.pam() + + def tryUnlock(w, password): + if pamAuth.authenticate(username, password): + locker.unlock() + Gtk.main_quit() + else: + window.reset() + window.setAuthMessage(pamAuth.reason) + + return True + + window.connect('logout', lambda w: locker.logout()) + window.connect('tryUnlock', tryUnlock) + + GLib.idle_add(lambda: locker.lock()) + + Gtk.main() diff --git a/pylock/Selection.py b/pylock/Selection.py new file mode 100644 index 0000000..11a7285 --- /dev/null +++ b/pylock/Selection.py @@ -0,0 +1,66 @@ +# Copyright (c) 2012-2013, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +import ctypes +import ctypes.util + +from gi.repository import Gdk, GdkX11 + + +XEvent_p = ctypes.c_void_p +display_p = ctypes.c_void_p +xid = ctypes.c_ulong +x11_bool = ctypes.c_int +x11_time = ctypes.c_ulong +status = ctypes.c_int + + +libX11 = ctypes.util.find_library('X11') +if libX11 == None: + raise OSError('libX11 could not be found.') +libX11 = ctypes.cdll.LoadLibrary(libX11) + +libX11.XSetSelectionOwner.argtypes = display_p, xid, xid, x11_time +libX11.XSetSelectionOwner.restype = ctypes.c_int +libX11.XGetSelectionOwner.argtypes = display_p, xid +libX11.XGetSelectionOwner.restype = xid + + +display = Gdk.Display.get_default() +dpy_p = display_p(hash(GdkX11.X11Display.get_xdisplay(display))) +atomPylockWindow = GdkX11.x11_get_xatom_by_name("PYLOCK_WINDOW") + + +def get(): + return libX11.XGetSelectionOwner(dpy_p, atomPylockWindow) + +def acquire(window): + if get() != 0: + return False + + window.realize() + xid = GdkX11.X11Window.get_xid(window.get_window()) + libX11.XSetSelectionOwner(dpy_p, atomPylockWindow, xid, 0) + + return (get() == xid) diff --git a/pylock/__init__.py b/pylock/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/pylock/data/bg.svg b/pylock/data/bg.svg new file mode 100644 index 0000000..78e3972 --- /dev/null +++ b/pylock/data/bg.svg @@ -0,0 +1,208 @@ + + + +image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Bei Problemen melden Sie sich bitte per E-Mail anpool-hotline@itsc.uni-luebeck.deoder telefonisch unter derinternen Nummer 5004. + + \ No newline at end of file diff --git a/pylock/data/unlock.ui b/pylock/data/unlock.ui new file mode 100644 index 0000000..89bc3b8 --- /dev/null +++ b/pylock/data/unlock.ui @@ -0,0 +1,166 @@ + + + + + 700 + True + False + center + center + False + + + True + False + 40 + + + True + False + siegel.png + + + False + True + 0 + + + + + True + False + 12 + 12 + + + True + False + [lock] + + + True + True + 1 + + + + + False + 6 + + + False + 6 + + + True + False + Password: + + + False + True + 0 + + + + + True + True + False + + True + False + False + + + + True + True + 1 + + + + + True + True + 0 + + + + + False + 0 + [message] + + + True + True + 1 + + + + + True + False + 20 + + + Unlock + False + True + True + True + False + + + True + True + end + 1 + + + + + Logout + False + True + True + True + False + + + True + True + end + 2 + + + + + True + True + 2 + + + + + False + True + 3 + + + + + False + True + 1 + + + + + + + + + diff --git a/pylock/pam.py b/pylock/pam.py new file mode 100644 index 0000000..d72489d --- /dev/null +++ b/pylock/pam.py @@ -0,0 +1,170 @@ +# (c) 2007 Chris AtLee +# Licensed under the MIT license: +# http://www.opensource.org/licenses/mit-license.php +""" +PAM module for python + +Provides an authenticate function that will allow the caller to authenticate +a user against the Pluggable Authentication Modules (PAM) on the system. + +Implemented using ctypes, so no compilation is necessary. + +--- +modified to work [better] with python3.2, 2011-12-6, david ford, +i haven't paid any attention to making sure things work in python2. there may be +problems in my_conv() +--- +Just some encoding fixes for python3, 2012-01-27 Matthias Schiffer +""" + +import sys +import locale +if sys.version_info >= (3,): + py3k = True +else: + py3k = False + +from ctypes import CDLL, POINTER, Structure, CFUNCTYPE, cast, pointer, sizeof +from ctypes import c_void_p, c_uint, c_char_p, c_char, c_int +from ctypes import memmove +from ctypes.util import find_library + +class PamHandle(Structure): + """wrapper class for pam_handle_t""" + _fields_ = [ + ("handle", c_void_p) + ] + + def __init__(self): + Structure.__init__(self) + self.handle = 0 + +class PamMessage(Structure): + """wrapper class for pam_message structure""" + _fields_ = [ + ("msg_style", c_int), + ("msg", c_char_p), + ] + + def __repr__(self): + return "" % (self.msg_style, self.msg) + +class PamResponse(Structure): + """wrapper class for pam_response structure""" + _fields_ = [ + ("resp", c_char_p), + ("resp_retcode", c_int), + ] + + def __repr__(self): + return "" % (self.resp_retcode, self.resp) + +CONV_FUNC = CFUNCTYPE( + c_int, + c_int, + POINTER(POINTER(PamMessage)), + POINTER(POINTER(PamResponse)), + c_void_p) + +class PamConv(Structure): + """wrapper class for pam_conv structure""" + _fields_ = [ + ("conv", CONV_FUNC), + ("appdata_ptr", c_void_p) + ] + +# Various constants +PAM_PROMPT_ECHO_OFF = 1 +PAM_PROMPT_ECHO_ON = 2 +PAM_ERROR_MSG = 3 +PAM_TEXT_INFO = 4 + +LIBC = CDLL(find_library("c")) +LIBPAM = CDLL(find_library("pam")) + +CALLOC = LIBC.calloc +CALLOC.restype = c_void_p +CALLOC.argtypes = [c_uint, c_uint] + +PAM_START = LIBPAM.pam_start +PAM_START.restype = c_int +PAM_START.argtypes = [c_char_p, c_char_p, POINTER(PamConv), POINTER(PamHandle)] + +PAM_STRERROR = LIBPAM.pam_strerror +PAM_STRERROR.restype = c_char_p +PAM_STRERROR.argtypes = [POINTER(PamHandle), c_int] + +PAM_AUTHENTICATE = LIBPAM.pam_authenticate +PAM_AUTHENTICATE.restype = c_int +PAM_AUTHENTICATE.argtypes = [PamHandle, c_int] + +class pam(): + code = 0 + reason = None + + def __init__(self): + pass + + def authenticate(self, username, password, service='login'): + """username and password authenticate for the given service. + + Returns True for success, or False. self.code is the integer + value representing the numerice failure reason, or 0 on success. + self.reason is the textual reason. + + Python3 expects bytes() for ctypes inputs. This function will make + necessary conversions using the latin-1 coding. + + username: the username to authenticate + password: the password in plain text + service: the PAM service to authenticate against. + Defaults to 'login' """ + + @CONV_FUNC + def my_conv(n_messages, messages, p_response, app_data): + """Simple conversation function that responds to any + prompt where the echo is off with the supplied password""" + # Create an array of n_messages response objects + addr = CALLOC(n_messages, sizeof(PamResponse)) + p_response[0] = cast(addr, POINTER(PamResponse)) + for i in range(n_messages): + if messages[i].contents.msg_style == PAM_PROMPT_ECHO_OFF: + cs = c_char_p(password) + dst = CALLOC(sizeof(c_char_p), len(password)+1) + memmove(dst , cs, len(password)) + p_response.contents[i].resp = dst + p_response.contents[i].resp_retcode = 0 + return 0 + + # python3 ctypes prefers bytes, pretend everyone will be happy using latin-1 + if py3k: + if isinstance(username, str): + username = bytes(username, locale.getpreferredencoding()) + if isinstance(password, str): + password = bytes(password, locale.getpreferredencoding()) + if isinstance(service, str): + service = bytes(service, locale.getpreferredencoding()) + + handle = PamHandle() + conv = PamConv(my_conv, 0) + retval = PAM_START(service, username, pointer(conv), pointer(handle)) + + if retval != 0: + # This is not an authentication error, something has gone wrong starting up PAM + self.code = retval + self.reason = str(PAM_STRERROR(pointer(handle), retval), locale.getpreferredencoding()) + return False + + retval = PAM_AUTHENTICATE(handle, 0) + + if retval == 0: + # success + logic = True + else: + logic = False + + # store information to inform the caller why we failed + self.code = retval + self.reason = str(PAM_STRERROR(pointer(handle), retval), locale.getpreferredencoding()) + + return logic diff --git a/setup.py b/setup.py new file mode 100755 index 0000000..9034f0e --- /dev/null +++ b/setup.py @@ -0,0 +1,29 @@ +#!/usr/bin/env python3 + +import distutils +import DistUtilsExtra.auto +import os + + +class install_pylock(distutils.command.install.install): + def run(self): + distutils.dir_util.copy_tree('etc', os.path.join(self.root, '/etc'), + preserve_times=0, preserve_symlinks=1, verbose=1) + + distutils.command.install.install.run(self) + +DistUtilsExtra.auto.setup( + name = 'pylock', + version = '1', + + data_files = [], + + packages = ['pylock'], + package_data = { + 'pylock': ['data/unlock.ui', 'data/bg.svg'], + }, + + cmdclass = { + 'install': install_pylock, + }, +) diff --git a/unlock.ui b/unlock.ui deleted file mode 100644 index 89bc3b8..0000000 --- a/unlock.ui +++ /dev/null @@ -1,166 +0,0 @@ - - - - - 700 - True - False - center - center - False - - - True - False - 40 - - - True - False - siegel.png - - - False - True - 0 - - - - - True - False - 12 - 12 - - - True - False - [lock] - - - True - True - 1 - - - - - False - 6 - - - False - 6 - - - True - False - Password: - - - False - True - 0 - - - - - True - True - False - - True - False - False - - - - True - True - 1 - - - - - True - True - 0 - - - - - False - 0 - [message] - - - True - True - 1 - - - - - True - False - 20 - - - Unlock - False - True - True - True - False - - - True - True - end - 1 - - - - - Logout - False - True - True - True - False - - - True - True - end - 2 - - - - - True - True - 2 - - - - - False - True - 3 - - - - - False - True - 1 - - - - - - - - - -- cgit v1.2.3