Re: [gdm-list] session and 'sudo' code



Hi,

On Mon, Aug 8, 2011 at 10:32 AM, † <govnototalitarizm gmail com> wrote:
> Use-case is rather simple:
> - I've got predefined username and password for the live-cd system
> - The user enters new password in greeter and press 'login' button
> - Greeter writes new password into /var/lib/gdm3/
> - Greeter performs login using predefined password
> - PostLogin script uses chpasswd to set new password and removes password file
There are existing facilities to force a user to change their
password.  I would just use those.  Run

chage -d0 username

or make the equivalent change to /etc/shadow manually.

> That's how it works for me now.
>
> Are there some drawbacks in this approach?
It's sort of working against the system a bit.

> What are the pro & contra of using pam module (or smth else maybe) in such use-case?
PAM is normally the thing that asks the user questions about login and
acts on it, so it makes sense to use PAM for that purpose.

--Ray


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]