On Fri, Mar 21, 2003 at 10:11:38AM -0500, Ken Hornstein wrote: > >> Heh. You see why I choose to make xlock use the Kerberos call directly? > > > >Yep -- were these patches submitted to the XFree86 xlock or xlockmore? > >Where could I find them? > > xlockmore; if you go to the xlockmore site and download the latest snapshot, > they should be in there.
Its been awhile but last I checked xlockmore did not handle the case where the users passwd has expired while the screen was locked. Though I think it could readily, as the krb5 code it seems to me returns a error code about an expired passwd after its checked to see if the passwd matched.. that should be sufficient to let a user unlock his screen. My thoughts on this were always that xlock (xlockmore whatever...) should not get _tickets_ for people, only authenticate them. I never felt that xlock(more) should get tickets for the user, though I think that is what their code does if I recall. --ray ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
