Nicolas Williams wrote: > On Tue, Aug 18, 2009 at 06:00:08PM -0500, Brian Cameron wrote: >> [...] >> But, this should not be a problem. As long as GDM exposes interfaces >> that the installer, Users and Groups, and useradd(1M) interfaces can use to >> configure GDM to show the right users in the Face Browser, this sort of >> deeper integration should be possible. > > Exactly :) > > That's what I want to see. That approach lets you solve the $HOME > access issue and avoid naughty local user heuristics. > >>> If root is not a role, then why not put root in the face browser? >> Currently the code filters out UID's under 100. If someone thinks it >> is important for GDM not to do this, then an ARC member will need to >> say it would otherwise be a TCR. > > I'm not an ARC member, and I don't care very much about seeing non-role > root appear in the face browser. But that does make me wonder: should > GDM not filter out roles from the face browser as a general rule?
Yes it probably should, since they won't be able to login. However given they won't be able to login they shouldn't be appearing there anyway. Note that customer defined roles won't have UID < 100 but the existing (and future) Solaris defined ones will. > And if one wanted to do per-user opt-in then user_attr(4) seems like a > good place to manage that. It would be but that is Solaris specific, I think having a non Solaris specific method to control wither or not a user is shown in the face browser would be useful. -- Darren J Moffat
