SUMMARY: disallowing root w/ xdm

From: Brendan Kehoe (
Date: Mon Jan 20 1992 - 12:42:10 CST

My thanks go to: (Fabrice Le Metayer)
        Seth Robertson <> (Cameron Humphries) (Gerhard Holzer) (Per Hedeland)
        Brent Alan Wiese <> (Eckhard Rueggeberg) (Jyrki Havia) (Rand S. Huntzinger)

(and possibly others).

The quick solution is to put this in /usr/lib/X11/xdm/Xsession:

        # Make sure root can't log in.
        if [ "$USER" = "root" ]; then
                exit 0

which does the trick, but doesn't fill out a few other small holes.

Seth Robertson mentioned setting the DisplayManager*startup resource
to a script that's run as root that can do a similar test, among other
things (like check that the user's shell is in /etc/shells). He uses
a script called Xstartup that looks for /etc/nologin and performs wtmp
accounting. The stuff's on in the directory
Xkernel, named xdm.R5.test-config.shar. I'm going to use this method
when I have a few minutes free to sit down & set it up. (For the time
being I've gone with the quick fix.)

Brendan Kehoe, Sun Network Manager            
Widener University                                                 Chester, PA

``Ya know Quaker Oats make you feel good twice?'' Hmm.

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:34 CDT