On Thursday 12 November 2009 21:56:00 Alan McKinnon wrote: > On Thursday 12 November 2009 23:46:27 Mick wrote: > > On Thursday 12 November 2009 21:34:24 Paul Hartman wrote: > > > On Thu, Nov 12, 2009 at 2:01 PM, Mick wrote: > > > > I should know how to do this ... > > > > > > > > It isn't as simple as commenting out vc7 in /etc/securetty, right? > > > > The persistent offenders would try to start another X session on a > > > > different vc. > > > > > > > > Is there a trick I could add in /etc/pam.d/login or one of the > > > > /etc/pam.d/gdm* files perhaps? > > > > > > How do you start X? Do you use xdm/kdm/gdm or do you just "startx" or > > > use some other method? > > > > This box is configured to start X with gdm and it does not have kdm > > installed. > > http://www.google.com/search?q=block+root+login+gdm&ie=UTF-8&oe=UTF-8 > > Hits #1, 2 and 3 Thank you Alan, hadn't seen #1 which aligns with #3. It seems legit so I will try this in /etc/pam.d/gdm: auth required pam_succeed_if.so user != root quiet -- Regards, Mick