My thanks go to:
email@example.com (Fabrice Le Metayer)
Seth Robertson <firstname.lastname@example.org>
email@example.com (Cameron Humphries)
Gerhard.Holzer@rcvie.co.at (Gerhard Holzer)
firstname.lastname@example.org (Per Hedeland)
Brent Alan Wiese <email@example.com>
firstname.lastname@example.org (Eckhard Rueggeberg)
email@example.com (Jyrki Havia)
firstname.lastname@example.org (Rand S. Huntzinger)
(and possibly others).
The quick solution is to put this in /usr/lib/X11/xdm/Xsession:
# Make sure root can't log in.
if [ "$USER" = "root" ]; then
which does the trick, but doesn't fill out a few other small holes.
Seth Robertson mentioned setting the DisplayManager*startup resource
to a script that's run as root that can do a similar test, among other
things (like check that the user's shell is in /etc/shells). He uses
a script called Xstartup that looks for /etc/nologin and performs wtmp
accounting. The stuff's on ftp.ctr.columbia.edu in the directory
Xkernel, named xdm.R5.test-config.shar. I'm going to use this method
when I have a few minutes free to sit down & set it up. (For the time
being I've gone with the quick fix.)
-- Brendan Kehoe, Sun Network Manager email@example.com Widener University Chester, PA
``Ya know Quaker Oats make you feel good twice?'' Hmm.
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:34 CDT