[systemd-devel] Should systemd-logind provide a DM-independent mechanism for handling guest accounts?
Laércio de Sousa
laerciosousa at sme-mogidascruzes.sp.gov.br
Wed Nov 12 03:02:08 PST 2014
2014-11-11 20:56 GMT-02:00 Daniel J Walsh <dwalsh at redhat.com>:
> The problems would be
> in having
> multiple users get access to the machine at the same time. For this you
> need something
> that generates a UID on the fly for the user. I would expect a fairly
> simple pam module
> could be done for this.
> One problem with this though would be a user might log in as guest user
> but endup getting
> the guest134 user account.
>
> This means you would want some kind of sssd interaction, so a user
> executing id or ls -lZ ~/
>
> Would see all of his files and processes running as guest.
>
This is more or less what LightDM currently does in its built-in guest
account support.
There's no user 'guest' previously created. Instead, "login as guest" is a
special entry
in LightDM. Whenever a user logs in as guest, a new temporary user is added
with username 'guest-XXXXXX' (with XXXXXX replaced with a random character
sequence)
and GECOS "Guest", and a temporary home folder is created. When guest user
logs out, this temporary user is deleted along with its home folder.
With this implementation, LightDM on-the-fly guest accounts are completely
multi-seat compliant. The downside is that normal and guest users need to be
treated differently in lightdm.conf. For example, there are distinct
options for
"autologin as normal user" and "autologin as guest".
--
*Laércio de Sousa*
*Orientador de Informática*
*Escola Municipal "Professor Eulálio Gruppi"*
*Rua Ismael da Silva Mello, 559, Mogi Moderno*
*Mogi das Cruzes - SPCEP 08717-390*
Telefone: (11) 4726-8313
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20141112/0b057a6c/attachment.html>
More information about the systemd-devel
mailing list