Hi,
I have set up lightdm to support guest accounts.
The problem lies in default PAM setting in Debian.
Here is the line that permits password-less logins on "secure" ttys in
/etc/pam.d/common-auth file:
-----------------------------------------------------------------
auth [success=1 default=ignore] pam_unix.so nullok_secure
-----------------------------------------------------------------
We need just to allow blank password in any case.
What I actually done is:
# sed -e 's/_secure//' /etc/pam.d/common-auth >
/etc/pam.d/common-auth-insecure
# sed -i -e 's/common-auth/&-insecure/' /etc/pam.d/lightdm
And it works, also preventing logins without password by SSH.
So, according to configured central authentication policy, lightdm
(which is not a plain tty AFAIK) behavior seems correct.
--
Denys Gavrysh
_______________________________________________
Pkg-xfce-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-xfce-devel
