Previously I was just presenting a static username/password box, and
then running PAM with pre-set credentials. This works just fine when
PAM is expecting a username and password, but if it's expecting
something like a fingerprint scan or a hardware security token, this
wouldn't entirely work right. Well, it would "work", but the
username/password dialog would be displayed, and then hitting "Unlock"
would start a different auth process with no visible feedback as to
what's supposed to happen.
This also means I need to switch PAM wrapper crates; the one I was using
before did not allow passing a fixed username to the underlying
pam_start() call, which meant that PAM would try to prompt the user for
it, which is not what we want.
If the user presses enter or escape in order to get the unlock dialog to
show in the first place, forwarding that event to the dialog will only
cause it to close immediately.
Also took the opportunity to clean up the dependencies where I have my
own patches. I'm now using the cargo 'patch' section so that the
dependencies specified in the individual Cargo.toml files are clean.
By default it'll look at your environment to try to figure out which
display manager is used in order to start a new session. We first try
the org.freedesktop.DisplayManager dbus interface, and if that fails,
inspect XDG_SESSION_DESKTOP to try to figure out which display manager
is running.
The user can also still specify the correct display manager, or a custom
command.
This includes an abortive attempt to do a gtk4 dialog (which I don't
think is possible, as gtk4 doesn't allow embedding toplevels anymore),
and an iced dialog, which I just never started writing.
