(I posted this to debian-security earlier today, but debian-user might be a better place for it. Please CC: me on replies.)
Haven't found a solution in any searches I've done thus far, so here's my problem: Given: - 1 workstation running gdm 2.2.5.5-2 (and pam 0.72-35), offering XDMCP access to selected other X Terminals, and also allowing gdm logins on the local console. - 1 remote X Terminal (soon to be several) which connects to the above workstation via XDMCP. The problem is that I'd like for users logging in locally via gdm to be added to the various audio, floppy, etc. groups so that they have access to the normal sound and removable media devices on the workstation. However, I'd like for users logging in remotely via gdm (the X Terminal users) to *not* get any special access to the hardware. Here's my line from /etc/security/group.conf: gdm; :*; *; Al0000-2400; audio,floppy,video,cdrom I have verified that a remote login gets tty set to 'remoteterm:0', for example, and a local login gets tty set to ':0'. I'd have thought that the ':*' would match ':0', but not 'remoteterm:0', but it apparently matches both according to the pam debug log. If at all possible, I'd really rather not install xdm for remote logins, and gdm for local. -- Mike Renfro / R&D Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University -- [EMAIL PROTECTED] -- Mike Renfro / R&D Engineer, Center for Manufacturing Research, 931 372-3601 / Tennessee Technological University -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
