On Tue, 5 Mar 2002, Shlomi Fish wrote:
>
> I always considered Run Level 5 as a very bad idea, which I'll never want
> to use.
The most common argument against using xdm at startup ("runlevel 5" [1] is
that if you change the hardware or the settings the X server may fail to
load and then you get an infinite loop where the X server starts to load
(and takes the virtual console "focus") but immediately fails.
In serious cases the X server may even freeze the display, but this rarely
happens.
Since this is such a common problem, there are widely-available
work-arounds.
One possibility is that if the script that runs the X server gets to
execute the X server too many times in, say, 5 minutes, it will ask the
user whether to contnue. This has been implemented, for instance, in
Mandrake since 7.<something>
Latest debian X server packages have something more sophisticated: if the
X server fails, the user is dropped into a console-based menu that
suggests some alternatives (I'm not sure how they encounter false
negatives, if there are any)
> However, I recently run into a dillema here at the Computer
> Networks farm. If I start X from the console and lock it, then a
> malicious user can switch to the console from which it was invoked,
> press Ctrl+C or Ctrl+Z and gain my permissions.
>
> Naturally, there are ways to overcome it:
>
> 1. Using vlock -a on one of the virtual consoles. This renders the
> computer useless except for telnetting/sshing into.
>
> 2. Using screen to run "startx" in the background. This will require to
> hack a simple shell alias to do in style. However, I noticed that using it
> my sound eventaully became non-functional for some reason. It's probably a
> bug of some sort, but I have better things to do with my time than to try
> and sort it out.
>
> 3. Using Run-Level 5. That way, no virtual console are needed to invoke
> the X-server.
Do you have control over that (root permissions?
4. Block Ctrl-Break and Ctrl-Z in that script (not exactly sure how, rtfm
bash/tcsh)
[1] "runlevel 5" is where redhat (and following it some other distros,
like Mandrake). I believe that SuSE and debian have both runlevel 3
for graphical login. Debian has gdm, kdm (and even xdm and wdm...) as
init.d services.
--
Tzafrir Cohen
mailto:[EMAIL PROTECTED]
http://www.technion.ac.il/~tzafrir
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
