RE: gdm stuff



> >>>>> "Daniel" == Daniel Burrows <Daniel_Burrows@brown.edu> writes:
> 
> Daniel> I made a patch to keep it from displaying all the accounts
> Daniel> such as mail, nobody, and so on; I don't know if this is the
> Daniel> Right Way but it works on my system.  It hides all accounts in
> Daniel> the browser except for UID 0 and UIDs between 1000 and 65534.
> 
> Until 0.3 or 0.4 that was how I did it (The UID range was tunable in
> gdm.conf). But Miguel persuaded me to do otherwise. Go bug him :)
> 
> Checking on password length is not a safe way to determine if a user
> is valid or not. gdmgreeter runs as gdm. Some systems have shadow
> passwords. Go figure...
> 
> I personally find it broken that non-users have valid shells. Obscured
> password field or not.
> 
> Unless somebody comes up with a brilliant idea I'll probably stuff the
> tunable uid range in again (But still defaulting to ``valid shells''
> mode).
> 
	Not having run gdm yet, is there, or will there be, a method (either
via file or a control-panel applet)that controls who is listed, who isn't,
etc. like there is for kdm? That's quite powerful, IMHO. It allows you to
specifically exclude entries in the passwd file (whether file-based or
map-based NIS/NIS+, etc.). That way when you have a 6000-7000 entry passwd
file you can allow all usernames, but you can remove project accounts,
special daemon accounts, etc.

	-j



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]