[gdm-list] login without password
- From: Maarten de Boer <mdeboer iua upf edu>
- To: gdm-list gnome org
- Subject: [gdm-list] login without password
- Date: Fri, 8 Jun 2007 12:11:58 +0200
Hello,
Yesterday, I setup my system (Ubuntu 7.04, though I am pretty sure it
is a common issue) to allow password-less login for my daughter. The
gdmsetup utility has the security option for autologin, which almost
does what I want, but not quite.
So I found the gdm.conf option PasswordRequired=false, but this wasn't
enough; I also had to create a file containing the usernames allowed to
do passwordless login, and modify my /etc/pam.d/gdm.conf to contain:
auth sufficient pam_listfile.so sense=allow file=/etc/gdm/nopassword item=user
All-together, a bit tricky for a feature that, even though it is some
sort of a niche, in my opinion is rather important for the introduction
of linux into the home environment. I really don't want to require a 5
year old to authenticate.
I think it would be very nice to have the PasswordRequired=false
functionality somehow present in the gdmsetup utility, as well as the
list of users that can login without a password.
After off-list discussion with Brian Cameron, I realize that it would
be problematic for gdmsetup to have to modify the pam configuration.
So a good solution would be to have a /etc/pam.d/gdm-nopassword file,
similar to the /etc/pam.d/gdm-autologin file, that would be used by
gdm if the PasswordRequired option is set to false. It would contain
the auth sufficient pam_listfile.so line above.
The gdmsetup utility could then contain a checkbox to activate this
"Allow login without password" feature, combined with a list of users
"Users that can login without password" (which modifies the
/etc/gdm/nopassword file).
I would be pleased to submit a patch to gdm and gdmsetup to add
this functionality, if it would be accepted upstream. I am aware that
there is a security issue involved here, but as it is restricted to the
gdm login only, I suppose it should be acceptable, especially since
the passwordless autologin is also there, which implies exactly the same
security issue.
What do you think?
Kind regards,
maarten
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
