From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1N980H-0001bh-DJ for garchives@archives.gentoo.org; Sat, 14 Nov 2009 02:04:41 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AA733E0888 for ; Sat, 14 Nov 2009 02:04:40 +0000 (UTC) Received: from ey-out-1920.google.com (ey-out-1920.google.com [74.125.78.145]) by pigeon.gentoo.org (Postfix) with ESMTP id 276E8E0814 for ; Sat, 14 Nov 2009 00:25:13 +0000 (UTC) Received: by ey-out-1920.google.com with SMTP id 3so918177eyh.40 for ; Fri, 13 Nov 2009 16:25:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:reply-to:to:subject:date :user-agent:references:in-reply-to:mime-version:content-type :content-transfer-encoding:message-id; bh=/RpxUD6rNFnBqhLrKs/qkK/OHXD0HD+dpSRTlpEar6o=; b=P+NsZ8/wyAAQspT0acHhl6m1IfHGUHTU5UIpIAyNSrNCIGegogib14tAng5Osa5dxr HFzu+unZGwWvmQF16Oa8DoIhNhZkh4gm9+KR9f9E9J52S4XhuXELKf5d4jsN0PgKM2tL 9MqmKCOToiRi/tWQMqed/1mO1+quznYEzFYlk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:reply-to:to:subject:date:user-agent:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; b=eW9tX/zwt5pGUWZmNSNQV41gBkWsFhF4NQOcM2c5/UVMCVxgiWlAQTlaWSRAgBzTTG YSo0YvEWKHfIABI9+x/mXv4fvYYF35UUZeW5k103Rl7NTbV0fTRy8XhClfIceu863zYt Beqj8q5uk9G/n5KrPuBEG3zUiHm1e8oS0tc9E= Received: by 10.213.2.70 with SMTP id 6mr3380007ebi.30.1258158312613; Fri, 13 Nov 2009 16:25:12 -0800 (PST) Received: from lappy.localnet (230.3.169.217.in-addr.arpa [217.169.3.230]) by mx.google.com with ESMTPS id 24sm1213791eyx.5.2009.11.13.16.25.10 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 13 Nov 2009 16:25:11 -0800 (PST) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Block root user from login on xorg GUI Date: Sat, 14 Nov 2009 00:24:57 +0000 User-Agent: KMail/1.12.1 (Linux/2.6.30-gentoo-r8; KDE/4.3.1; i686; ; ) References: <200911122001.57860.michaelkintzios@gmail.com> <200911122218.51932.michaelkintzios@gmail.com> <1258067298.26857.29.camel@localhost> In-Reply-To: <1258067298.26857.29.camel@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart4615125.leqgT04Agg"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200911140025.08967.michaelkintzios@gmail.com> X-Archives-Salt: 333de4ab-cfd0-430d-a97b-b4ca5b3f95b4 X-Archives-Hash: 3e8f09be34615045ff2610be85feb63a --nextPart4615125.leqgT04Agg Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable On Thursday 12 November 2009 23:08:18 Iain Buchanan wrote: > On Thu, 2009-11-12 at 22:18 +0000, Mick wrote: > > On Thursday 12 November 2009 22:09:01 Alan McKinnon wrote: > > > Gdm itself has a config option to disallow root logins > > > > Ahh, unfortunately I can only access it remotely via ssh at this stage. > > Hopefully the pam method will work fine. >=20 > You don't need anything more to configure gdm than ssh access - this is > Linux after all & a good program has text based configurations :) >=20 > Edit /etc/X11/gdm/custom.conf >=20 > In the section [security] add: > AllowRoot=3Dfalse Thanks for this! :-) > You may then have to restart xdm. >=20 > However, if someone has the root password to log in to X, then what's to > stop them changing anything you do now? Know how? =2D-=20 Regards, Mick --nextPart4615125.leqgT04Agg Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) iEYEABECAAYFAkr9+OQACgkQVTDTR3kpaLawUgCfd8UZG9tXyncH4/WClJWrjzQd 0SgAoPS15anXwZl4XkfGSR0qisbPXZFu =iJFe -----END PGP SIGNATURE----- --nextPart4615125.leqgT04Agg--