gdm Create User

Douglas McClendon dmc.fedora at filteredperception.org
Sat Oct 6 19:33:30 UTC 2007 

Richi Plana wrote:
> On Sat, 2007-10-06 at 13:58 -0500, Douglas McClendon wrote:
>> Richi Plana wrote:
>>> How about adding the functionality to create user accounts (local or
>>> network) at the gdm login screen?
>> I think a cool *optional* functionality would be-
>>
>> Whenever gdm receives an unknown username, *automatically* create that 
>> account as new, and log them in.
>>
>> Perhaps the way to implement your functionality, would be to have the 
>> above, but after login attempt, a 15 second timeout prompt pops up (with 
>> cancel), notifying that it was an unrecognized login, and asking for the 
>>   adminstrative password to confirm account creation.  And then perhaps 
>> a checkbox to enable/disable continuation of login for that user.  Then 
>> you get back to my functionality with an administrative setting that 
>> just disables the popping up of the confirmation/authentication dialog.
> 
> Well, that certainly sounds like a smart system ... and I'm all for
> computers trying to be smarter than their users (if they can do it
> successfully). But why add a timeout?

I was thinking out loud...  I was sort of trying to fit it in so it sort 
of still behaved like the old way (i.e. screen jiggle pause and back to 
login prompt).  But since you brought it up and I thought about it, I 
don't see a compelling reason for the timeout.

  I'm assuming finding out a list of
> users from the console isn't a security issue (since they're displayed
> as a list by GDM)

I don't think what I described changes anything from that security 
perspective.  I.e. already you get a 'invalid username' response.

  so why not make the computer think one of two things
> has happened: 1) the user mistyped the username or 2) the user wants to
> create a new user. The system could ask which and ask for the root
> password or directory administrator's password if it was a request for
> the creation of users.
> 
> It's not intuitive, though, so maybe a "Login (existing or create a new
> one)" at the prompt would be nice.

sounds good.

> Maybe then we could remove the "Create User" account at firstboot.

To round out the missing bits, the root authentication prompt might also 
include-

- confirmation of the user's chosen password
- optional Real Name setting
( default desktop choice comes from normal gdm session selection )

-dmc

More information about the fedora-devel-list mailing list