Steve Franks wrote:
I know it's a shockingly bad idea from a security perspective, but I'm
giving a system to a family member that's not going to be spending
much time on the net, so I think it's an acceptable risk.  It's an
isolated desktop/user system, and I'd like it to boot straight to
xfce, just like the OLPC I just got....

The key to this is the 'al' capability described in gettytab(5).

Basically you set up a special terminal type in /etc/gettytab which
includes auto-login as whatever user you require (ie. copy the 'Pc'
entry and add an 'al=username' field).  Then in /etc/ttys
you tell the system to use that particular terminal type on either
the console or a particular vty.  init will detect when the login
session ends and respawn it, exactly as it does the usual login process.

So long as the console is in a location where only approved people can
get to it, it's not even hugely insecure.  You certainly should take
pains to ensure that you cannot access the account remotely by eg. ftp(1)
or ssh(1) though.



This has been a rehash of a post I originall made in 2004:

Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                 Flat 3
PGP:     Ramsgate
                                                 Kent, CT11 9PW

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to