On Wed, Mar 4, 2009 at 10:25 AM, Steve Langasek <steve.langa...@canonical.com> wrote: > I don't know if the display names always belong to local X servers; > answering that question would go a long way to help resolve this bug.
OK. I just tested this by turning on XDMCP on the desktop box (192.168.119.2), and logging in from my laptop (192.168.119.5). From the laptop, attempting to log in as visitor fails, and when I subsequently log in as stephen and check /var/log/auth.log, I see that the failed visitor login has caused access denied: tty '192.168.119.5:3' is not secure ! So it looks like the names that PAM sees will in fact have a prepended hostname if they are X displays running remote. On that basis, I'm perfectly happy just to tack # Local X displays :0 :0.0 :1 :1.0 :2 :2.0 :3 :3.0 ... :63 :63.0 onto the end of /etc/securetty for my own use, and can see no real reason why this shouldn't be done as a distro default. Looks to me like the routines that parse /etc/securetty might benefit from some kind of wildcard support, though. That would make things much easier for anybody who actually wanted to turn on some password-free logins via a room full of thin clients. I can see a use for this in a classroom or public library, for example. -- users with no password can't log in with gdm https://bugs.launchpad.net/bugs/104957 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs