Brian Cameron wrote: > > Casper: > >>>> nobody:x:60001:60001:NFS Anonymous Access User:/: >>>> noaccess:x:60002:60002:No Access User:/: >>>> nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/: >>> >>> Since these users do not have valid shells specified, these would not >>> be shown. >> >> These actually have a valid shell (the default shell, /bin/sh, is used >> when >> the password shell lists the empty string for the shell). > > Looking more closely at the GDM code, I see that it has a hardcoded list > of users to not show in the face browser. These include: > > "bin" > "root" > "daemon" > "adm" > "lp" > "sync" > "shutdown" > "halt" > "mail" > "news" > "uucp" > "operator" > "nobody" > GDM_USERNAME (normally the "gdm" user) > "postgres" > "pvm" > "rpm" > "nfsnobody" > "pcap"
That list looks very "Linuxy" :-) It needs to have noaccess and nobody4 added to it for OpenSolaris. and still does the < 100 check ? >> Can gdm determine which users are locked? > > No. GDM currently excluses users under MinimalUID (100), users without > valid shells, and users in the above list. > > It should not be hard to add extra logic to avoid adding other users > if appropriate. For example, is there a way to check which users are > locked? I am sure code could be added to exclude other types of > appropriate users. *LK* in as the first four chars of the password field. This is defined in shadow(4). -- Darren J Moffat
