Hi,
I have set up lightdm to support guest accounts.
The problem lies in default PAM setting in Debian.
Here is the line that permits password-less logins on "secure" ttys in
/etc/pam.d/common-auth file:
-----------------------------------------------------------------
auth [success=1 default=ignore] pam_unix.so nullok_secure
-----------------------------------------------------------------
We need just to allow blank password in any case.
What I actually done is:
# sed -e 's/_secure//' /etc/pam.d/common-auth >
/etc/pam.d/common-auth-insecure
# sed -i -e 's/common-auth/&-insecure/' /etc/pam.d/lightdm
And it works, also preventing logins without password by SSH.
So, according to configured central authentication policy, lightdm
(which is not a plain tty AFAIK) behavior seems correct.
--
Denys Gavrysh
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
