On Tue, 28 Aug 2012 00:32:47 +0100 Colin Guthrie <gm...@colin.guthr.ie> wrote:
> > It's not really as simple as that these days. In order to do things > cleanly (and from what I understand the CK way was certainly far from > clean), you really need to use some kind of login agent. Typically this > would be the job of the DM, but as you are not using one, it's obviously > not going to work. > > So in theory you need to spawn something that acts as a proper login > agent, has a real PAM conversation and then starts X for you. That's the > only real way to do the proper user registration (for the simply fact > that it's not really possible to start a session from a session. > ... > > Looking forward a simple "autologin" system could get around this. e.g. > gdm has autologin support. Say it was modified to take the autologin > user as an argument. You could have a small setuid binary wrapper that > started gdm for you and passes your user as the autologin user when it > execs the main gdm process. This would mean all the proper PAM > conversations happen as expected and everything should be fine. > > I only use gdm as an example here as it's got (AFAIUI) good PAM code. A > standalone autologin system that does PAM well would be fine too (tho' I > believe it's quite easy to write bad PAM code...) > Just to be clear, there's nothing wrong with "login" establishing the PAM session and doing startx without changing vt from there, right? Wanted to ask, because it seem to me that gdm with autologin seem to be unnecessary if just startx works, and OP seemed to be logging into a text vt explicitly anyway, so I can assume gdm does something more (PAM-wise?) than login(1) does? -- Mike Kazantsev // fraggod.net
signature.asc
Description: PGP signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
