Brian Cameron wrote: > > If configured, GDM can will display "Shutdown" and "Restart" buttons > for shutting down and restarting the machine. Refer to section 4.1.9 > for more information. > This should not be configured by default if the user is not authenticated. > By default GDM now displays all users on the system in a face browser > so the user can select the username from a list and then enter the > password. The most frequent users are displayed first and the list > of frequent users is obtained using the ConsoleKit /usr/bin/ck-history > interface. The face browser includes an "Other" choice which allows > the user to avoid using the face browser and enter the PAM prompts > directly (e.g. username and password) if they wish. This "Other" > choice is needed, for example, to login as a system user, since system > users are not displayed in the face browser. The face browser feature > can be disabled via configuration so that users simply enter responses > to PAM prompts. For example, many Sun Ray users would likely want to > disable the Face Browser. > It is a security vulnerability to display the list of valid usernames to unauthenticated individuals, so we shouldn't deliver the system with this configured by default. > Once the user has entered their username, or selected it via the > face browser, the panel shows interfaces for selecting the session to > log into and the language to use. If there is only one session type > installed on the system, the session selection interface is not > displayed and GDM assumes the user will log the user into that one > available session. The user's default choices for session and > language > are automatically selected, so the user only needs to select them on > first-time login or if they wish to use a non-default value. If a > non-default value is selected, GDM automatically makes it the new > default value for that usre in subsequent logins. > Hopefully we can use this feature when TX is enabled to specify single or multilevel sessions.
--Glenn
