Re: Passwordless login

From: Bob Doolittle <Robert Doolittle Sun COM>
To: � Hansen <sh warma dk>
Cc: George <jirka 5z com>, gdm sunsite dk
Subject: Re: Passwordless login
Date: Mon, 19 Apr 2004 13:46:48 -0400

S�Hansen wrote:

On s�004-04-18 at 23:54 -0700, George wrote:

Any brilliant ideas? I'm thinking that the existence of a semaphore file
in $HOME/.gnome2/ will make gdm use gdm-autologin, but we don't know the
username and hence the $HOME until after we've created the pam_handle,
do we?

The thing is that PAM now asks for the username and we don't really know it
until PAM does it's thing.  Any solution would really have to be in PAM
itself (And that's where such policy should go anyway).  It would be useful
to create a pam module that would allow passwordless login for select local
users.  It also shouldn't be too hard I don't think.


Right, I figured that out a bit later, too. I've created a file
called /etc/gdmnopassusers and added a line to my /etc/pam.d/gdm:
auth    sufficient      pam_listfile.so file=/etc/gdmnopassusers
sense=allow item=user

And presto! However, this way, I still can't tell if it's a local login
or a remote one, so a if one could use /etc/pam.d/gdm-xdmcp for remote
logins, it'd be really nice. Could that be implemented in the next
release?


Can't you look at $DISPLAY, and examine any hostname component?
Remote logins should always have a $DISPLAY like
remote-hostname:#.#

-Bob

References:
- Passwordless login
  - From: Søren Hansen
- Re: Passwordless login
  - From: George
- Re: Passwordless login
  - From: Søren Hansen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]