On Mon, Apr 2, 2012 at 3:53 PM, Matthias Clasen <mclasen(a)redhat.com> wrote:
On Sat, 2012-03-31 at 12:26 -0500, Bruno Wolff III wrote:
> On Sat, Mar 31, 2012 at 18:40:46 +0200,
> Joachim Backes <joachim.backes(a)rhrk.uni-kl.de> wrote:
> >On 03/31/2012 05:17 PM, Bruno Wolff III wrote:
> >> I found the code used. It is in the accountsservices package, not gdm as
> >> expected.
> >>
> >> There is a list of excluded users and any users with a shell that has
> >> a basename of false or "nologin" are also excepted.
> >>
> >> The list of excluded users is currently:
> >> bin, root, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp,
operator,
> >> nobody, nobody4, noaccess, postgres, pvm, rpm, nfsnobody, pcap
> >
> >Hi Bruno,
> >
> >thanks for your clarification. So my proposal: why not extend this hard
> >coded list by a second (dynamic) one administratable by the fedora admin?
>
> I think you can as there was code to add more logins to the list. I think
> it uses dconf keys to do it, which are a bit of a pain to set, especially
> for gdm instead of the current user.
No, gdm doesn't currently do its own filtering on top, except for
excluding 'gdm' and uid 0.
Discussion seem to have stalled ... what are we going to do about this?