[Users] [Bulk] Re: Password before opening CM?

[Kevin Chadwick]

previously on this list Colin Leroy contributed:

> > Depends on your system. If it's ubuntu it would likely be
> > in /etc/lightdm.conf.  
> 
> It can often be configured from the "Users" System settings nowadays.

Yeah but I don't use it and so wouldn't know how to describe it and
telling them the actual files teaches users to fish. Linux has no
cryptic impossible to configure registry yet, though xml and json and
binary is rearing it's ugly head more and more without thought for all
use cases (systemd logging and append only, access from machines
without the binary reading tools or wanting to use the many text
manipulating tools etc.).

Personally I disable gui elements running as root with synaptic-pkexec
and polkit in general being perfect examples of devs being clueless
about security best practice. These things are perfectly do-able in an
easily controlled and secure manner but it simply doesn't happen. I
guess the people who can often prefer the console anyway or haven't
found the time to sort it.

p.s. Recently fought with upstream to disable polkit on my tvs as
polkitd now ignores roots wishes and corrects permissions so It's now
easiest to swap a nail for a sledgehammer with /bin/mv to avoid dumb
depends.

-- 
_______________________________________________________________________

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
_______________________________________________________________________