applications/gnome-control-center
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

user-accounts: Add debug messages to user creation and realm procedures

Browse source 
https://bugzilla.gnome.org/show_bug.cgi?id=684185
This commit is contained in:
Stef Walter 2012-09-03 16:16:42 +02:00
parent 09e62d679c
commit 65aaaf9d04
2 changed files with 72 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

27
panels/user-accounts/um-account-dialog.c
View file

@ -126,6 +126,8 @@ show_error_dialog (UmAccountDialog *self,
static void
begin_action (UmAccountDialog *self)
{
g_debug ("Beginning action, disabling dialog controls");
gtk_widget_set_sensitive (self->container_widget, FALSE);
gtk_dialog_set_response_sensitive (GTK_DIALOG (self), GTK_RESPONSE_OK, FALSE);
@ -136,6 +138,8 @@ begin_action (UmAccountDialog *self)
static void
finish_action (UmAccountDialog *self)
{
g_debug ("Completed action, enabling dialog controls");
gtk_widget_set_sensitive (self->container_widget, TRUE);
gtk_dialog_set_response_sensitive (GTK_DIALOG (self), GTK_RESPONSE_OK, TRUE);
@ -171,11 +175,13 @@ create_user_done (UmUserManager *manager,
error = NULL;
if (!um_user_manager_create_user_finish (manager, res, &user, &error)) {
g_debug ("Failed to create user: %s", error->message);
if (!g_error_matches (error, UM_USER_MANAGER_ERROR, UM_USER_MANAGER_ERROR_PERMISSION_DENIED))
show_error_dialog (self, _("Failed to add account"), error);
g_error_free (error);
gtk_widget_grab_focus (self->local_name);
} else {
g_debug ("Created user: %s", um_user_get_user_name (user));
complete_dialog (self, user);
}
}
@ -198,6 +204,8 @@ local_create_user (UmAccountDialog *self)
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (self->local_account_type), &iter);
gtk_tree_model_get (model, &iter, 1, &account_type, -1);
g_debug ("Creating local user: %s", username);
manager = um_user_manager_ref_default ();
um_user_manager_create_user (manager,
username,
@ -321,6 +329,9 @@ enterprise_add_realm (UmAccountDialog *self,
GtkTreeIter iter;
UmRealmCommon *common;
g_debug ("Adding new realm to drop down: %s",
g_dbus_object_get_object_path (G_DBUS_OBJECT (realm)));
common = um_realm_object_get_common (realm);
gtk_list_store_append (self->enterprise_realms, &iter);
@ -359,6 +370,7 @@ on_register_user (GObject *source,
/* This is where we're finally done */
if (error == NULL) {
g_debug ("Successfully cached remote user: %s", um_user_get_user_name (user));
finish_action (self);
complete_dialog (self, user);
@ -394,6 +406,8 @@ on_permit_user_login (GObject *source,
login = um_realm_calculate_login (common, gtk_entry_get_text (self->enterprise_login));
g_return_if_fail (login != NULL);
g_debug ("Caching remote user: %s", login);
um_user_manager_cache_user (manager, login, self->cancellable,
on_register_user, g_object_ref (self),
g_object_unref);
@ -428,6 +442,7 @@ enterprise_permit_user_login (UmAccountDialog *self)
add[1] = NULL;
remove[0] = NULL;
g_debug ("Permitting login for: %s", login);
options = g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0);
um_realm_common_call_change_login_policy (common, "",
@ -453,6 +468,8 @@ on_join_response (GtkDialog *dialog,
return;
}
g_debug ("Logging in as admin user: %s", gtk_entry_get_text (self->join_name));
/* Prompted for some admin credentials, try to use them to log in */
um_realm_login (self->selected_realm,
gtk_entry_get_text (self->join_name),
@ -485,19 +502,23 @@ join_show_prompt (UmAccountDialog *self,
if (!self->join_prompted) {
name = um_realm_kerberos_membership_get_suggested_administrator (membership);
if (name && !g_str_equal (name, "")) {
g_debug ("Suggesting admin user: %s", name);
gtk_entry_set_text (self->join_name, name);
} else {
gtk_widget_grab_focus (GTK_WIDGET (self->join_name));
}
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD)) {
g_debug ("Bad admin password: %s", error->message);
set_entry_validation_error (self->join_password, error->message);
} else {
g_debug ("Admin login failure: %s", error->message);
g_dbus_error_strip_remote_error (error);
set_entry_validation_error (self->join_name, error->message);
}
g_debug ("Showing admin password dialog");
gtk_window_set_transient_for (GTK_WINDOW (self->join_dialog), GTK_WINDOW (self));
gtk_window_set_modal (GTK_WINDOW (self->join_dialog), TRUE);
gtk_window_present (GTK_WINDOW (self->join_dialog));
@ -570,11 +591,13 @@ on_realm_joined (GObject *source,
/* Yay, joined the domain, register the user locally */
if (error == NULL) {
g_debug ("Joining realm completed successfully");
enterprise_permit_user_login (self);
/* Credential failure while joining domain, prompt for admin creds */
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN) ||
g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD)) {
g_debug ("Joining realm failed due to credentials");
join_show_prompt (self, error);
/* Other failure */
@ -602,6 +625,7 @@ on_realm_login (GObject *source,
/* Already joined to the domain, just register this user */
if (um_realm_is_configured (self->selected_realm)) {
g_debug ("Already joined to this realm");
enterprise_permit_user_login (self);
/* Join the domain, try using the user's creds */
@ -613,6 +637,7 @@ on_realm_login (GObject *source,
g_object_ref (self))) {
/* If we can't do user auth, try to authenticate as admin */
g_debug ("Cannot join with user credentials");
join_show_prompt (self, NULL);
}
@ -620,11 +645,13 @@ on_realm_login (GObject *source,
/* A problem with the user's login name or password */
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN)) {
g_debug ("Problem with the user's login: %s", error->message);
set_entry_validation_error (self->enterprise_login, error->message);
finish_action (self);
gtk_widget_grab_focus (GTK_WIDGET (self->enterprise_login));
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD)) {
g_debug ("Problem with the user's password: %s", error->message);
set_entry_validation_error (self->enterprise_password, error->message);
finish_action (self);
gtk_widget_grab_focus (GTK_WIDGET (self->enterprise_password));

52
panels/user-accounts/um-realm-manager.c
View file

@ -97,8 +97,10 @@ on_object_added (GDBusObjectManager *manager,
GDBusObject *object,
gpointer user_data)
{
if (is_realm_with_kerberos_and_membership (object))
if (is_realm_with_kerberos_and_membership (object)) {
g_debug ("Saw realm: %s", g_dbus_object_get_object_path (object));
g_signal_emit (user_data, signals[REALM_ADDED], 0, object);
}
}
static void
@ -195,6 +197,8 @@ um_realm_manager_new (GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
g_debug ("Connecting to realmd...");
g_async_initable_new_async (UM_TYPE_REALM_MANAGER, G_PRIORITY_DEFAULT,
cancellable, callback, user_data,
"flags", G_DBUS_OBJECT_MANAGER_CLIENT_FLAGS_NONE,
@ -226,6 +230,8 @@ um_realm_manager_new_finish (GAsyncResult *result,
self = UM_REALM_MANAGER (ret);
connection = g_dbus_object_manager_client_get_connection (G_DBUS_OBJECT_MANAGER_CLIENT (self));
g_debug ("Connected to realmd, checking version...");
/*
* TODO: Remove this version checking. This is temporary code, so
* just use sync here. Shortly we'll be stabilizing the realmd
@ -262,6 +268,7 @@ um_realm_manager_new_finish (GAsyncResult *result,
NULL);
self->diagnostics_sig = sig;
g_debug ("Created realm manager");
return self;
}
@ -299,10 +306,12 @@ on_provider_discover (GObject *source,
if (error == NULL) {
for (i = 0; realms[i]; i++) {
object = g_dbus_object_manager_get_object (discover->manager, realms[i]);
if (object == NULL)
if (object == NULL) {
g_warning ("Realm is not in object manager: %s", realms[i]);
else
} else {
g_debug ("Discovered realm: %s", realms[i]);
discover->realms = g_list_prepend (discover->realms, object);
}
}
} else {
@ -328,6 +337,8 @@ um_realm_manager_discover (UmRealmManager *self,
g_return_if_fail (input != NULL);
g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));
g_debug ("Discovering realms for: %s", input);
res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
um_realm_manager_discover);
discover = g_slice_new0 (DiscoverClosure);
@ -474,6 +485,9 @@ on_realm_join_complete (GObject *source,
gpointer user_data)
{
GSimpleAsyncResult *async = G_SIMPLE_ASYNC_RESULT (user_data);
g_debug ("Completed Join() method call");
g_simple_async_result_set_op_res_gpointer (async, g_object_ref (result), g_object_unref);
g_simple_async_result_complete_in_idle (async);
g_object_unref (async);
@ -501,6 +515,7 @@ realm_join_as_owner (UmRealmObject *realm,
type = find_supported_credentials (membership, owner);
if (type == NULL) {
g_debug ("Couldn't find supported credential type for owner: %s", owner);
g_object_unref (membership);
return FALSE;
}
@ -509,12 +524,14 @@ realm_join_as_owner (UmRealmObject *realm,
realm_join_as_owner);
if (g_str_equal (type, "ccache")) {
g_debug ("Using a kerberos credential cache to join the realm");
contents = g_variant_new_from_data (G_VARIANT_TYPE ("ay"),
g_bytes_get_data (credentials, NULL),
g_bytes_get_size (credentials),
TRUE, (GDestroyNotify)g_bytes_unref, credentials);
} else if (g_str_equal (type, "password")) {
g_debug ("Using a user/password to join the realm");
contents = g_variant_new ("(ss)", login, password);
} else {
@ -524,6 +541,8 @@ realm_join_as_owner (UmRealmObject *realm,
creds = g_variant_new ("(ssv)", type, owner, contents);
options = g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0);
g_debug ("Calling the Join() method with %s credentials", owner);
um_realm_kerberos_membership_call_join (membership, creds, options,
cancellable, on_realm_join_complete,
g_object_ref (async));
@ -599,6 +618,7 @@ um_realm_join_finish (UmRealmObject *realm,
dbus_error = g_dbus_error_get_remote_error (call_error);
if (dbus_error == NULL) {
g_debug ("Join() failed because of %s", call_error->message);
g_propagate_error (error, call_error);
return FALSE;
}
@ -606,10 +626,12 @@ um_realm_join_finish (UmRealmObject *realm,
g_dbus_error_strip_remote_error (call_error);
if (g_str_equal (dbus_error, "org.freedesktop.realmd.Error.AuthenticationFailed")) {
g_debug ("Join() failed because of invalid/insufficient credentials");
g_set_error (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN,
"%s", call_error->message);
g_error_free (call_error);
} else {
g_debug ("Join() failed because of %s", call_error->message);
g_propagate_error (error, call_error);
}
@ -653,10 +675,16 @@ login_perform_kinit (krb5_context k5,
name = g_strdup_printf ("%s@%s", login, realm);
code = krb5_parse_name (k5, name, &principal);
g_free (name);
if (code != 0)
if (code != 0) {
g_debug ("Couldn't parse principal name: %s: %s",
name, krb5_get_error_message (k5, code));
g_free (name);
return code;
}
g_debug ("Using principal name to kinit: %s", name);
g_free (name);
if (filename == NULL)
code = krb5_cc_default (k5, &ccache);
@ -665,6 +693,9 @@ login_perform_kinit (krb5_context k5,
if (code != 0) {
krb5_free_principal (k5, principal);
g_debug ("Couldn't open credential cache: %s: %s",
filename ? filename : "<default>",
krb5_get_error_message (k5, code));
return code;
}
@ -682,8 +713,12 @@ login_perform_kinit (krb5_context k5,
krb5_cc_close (k5, ccache);
krb5_free_principal (k5, principal);
if (code == 0)
if (code == 0) {
g_debug ("kinit succeeded");
krb5_free_cred_contents (k5, &creds);
} else {
g_debug ("kinit failed: %s", krb5_get_error_message (k5, code));
}
return code;
}
@ -726,8 +761,10 @@ kinit_thread_func (GSimpleAsyncResult *async,
g_file_get_contents (filename, &contents, &length, &error);
if (error == NULL) {
login->credentials = g_bytes_new_take (contents, length);
g_debug ("Read in credential cache: %s", filename);
} else {
g_warning ("Couldn't read credential cache: %s", error->message);
g_warning ("Couldn't read credential cache: %s: %s",
filename, error->message);
g_error_free (error);
}
}
@ -755,6 +792,7 @@ kinit_thread_func (GSimpleAsyncResult *async,
if (filename) {
g_unlink (filename);
g_debug ("Deleted credential cache: %s", filename);
g_free (filename);
}