Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora User (http://www.linux-archive.org/fedora-user/)
-   -   Acknowledge consent before login (http://www.linux-archive.org/fedora-user/124421-acknowledge-consent-before-login.html)

"Stephen Berg (Contractor)" 07-14-2008 12:16 PM

Acknowledge consent before login
 
I'm searching for a method to display a consent to monitoring statement
on either GDM or KDM in Fedora 9. I'm not tied into either display
manager so whichever one is easiest to set up wins. The message
displayed is about 25 lines in a standard text file layout, and all
users must acknowledge the statement by clicking an OK button before
they are allowed a login attempt. This was pretty easy to do under Core
6 by having /etc/motd contain the required text and referencing it in
/etc/gdm/custom.conf like so:


[greeter]
InfoMsgFile=/etc/motd
InfoMsgFont=Courier Bold 17
GraphicalTheme=Bluecurve

Has anyone found a way to set this up in Fedora 9? GDM doesn't seem to
pay any attention to the greeter section in custom.conf any longer.


--
Stephen Berg
Systems Administrator
NRL Code: 7321
Office: 228-688-5738
stephen.berg.ctr@nrlssc.navy.mil


--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

g 07-16-2008 06:37 PM

Acknowledge consent before login
 
Stephen Berg (Contractor) wrote:
I'm searching for a method to display a consent to monitoring statement
on either GDM or KDM in Fedora 9. I'm not tied into either display


an interesting question, which you may not have found and answer.

i do not know how this would work, and maybe some others can make some
further suggestions.

years back under cromix and early unix, i modified 'passwd' to restrict
logins to certain programs.

applying this to linux, should/may not be all that different.

instead of using '/bin/bash' as startup shell, consider something like
'/bin/bash/consent'.

'consent' could then be a script to display consent agreement and prompt
for a 'y/n' reply. if $1 = 'y' then startx. if $1 = 'n' then exit.

something to think about.

hth.

--

tc,hago.

g
.

in a free world without fences, who needs gates.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

"Mikkel L. Ellertson" 07-16-2008 08:15 PM

Acknowledge consent before login
 
g wrote:

Stephen Berg (Contractor) wrote:
I'm searching for a method to display a consent to monitoring
statement on either GDM or KDM in Fedora 9. I'm not tied into either
display


an interesting question, which you may not have found and answer.

i do not know how this would work, and maybe some others can make some
further suggestions.

years back under cromix and early unix, i modified 'passwd' to restrict
logins to certain programs.

applying this to linux, should/may not be all that different.

instead of using '/bin/bash' as startup shell, consider something like
'/bin/bash/consent'.

'consent' could then be a script to display consent agreement and prompt
for a 'y/n' reply. if $1 = 'y' then startx. if $1 = 'n' then exit.

something to think about.

hth.


For text logins, you could use /etc/issue and /etc/issue.net.

Mikkel
--

Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

"Stephen Berg (Contractor)" 07-16-2008 08:25 PM

Acknowledge consent before login
 
Mikkel L. Ellertson wrote:

g wrote:

Stephen Berg (Contractor) wrote:
I'm searching for a method to display a consent to monitoring
statement on either GDM or KDM in Fedora 9. I'm not tied into
either display


an interesting question, which you may not have found and answer.

i do not know how this would work, and maybe some others can make some
further suggestions.

years back under cromix and early unix, i modified 'passwd' to restrict
logins to certain programs.

applying this to linux, should/may not be all that different.

instead of using '/bin/bash' as startup shell, consider something like
'/bin/bash/consent'.

'consent' could then be a script to display consent agreement and prompt
for a 'y/n' reply. if $1 = 'y' then startx. if $1 = 'n' then exit.

something to think about.

hth.


For text logins, you could use /etc/issue and /etc/issue.net.

Mikkel
I've got it working for text logins like ssh but the problem is logging
in via GDM and/or KDM in a gui environment. Users are required to
acknowledge the consent statement before logging in to the system.
Since gdm-simple-greeter is missing these days, what used to be simple
is now becoming a problem.


--
Stephen Berg
Systems Administrator
NRL Code: 7321
Office: 228-688-5738
stephen.berg.ctr@nrlssc.navy.mil


--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Frank Cox 07-16-2008 08:27 PM

Acknowledge consent before login
 
On Wed, 16 Jul 2008 15:25:48 -0500
"Stephen Berg (Contractor)" <stephen.berg.ctr@nrlssc.navy.mil> wrote:

> I've got it working for text logins like ssh but the problem is logging
> in via GDM and/or KDM in a gui environment. Users are required to
> acknowledge the consent statement before logging in to the system.

What about using a custom gdm theme?

--
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Todd Denniston 07-16-2008 09:00 PM

Acknowledge consent before login
 
Stephen Berg (Contractor) wrote, On 07/16/2008 04:25 PM:

Mikkel L. Ellertson wrote:

g wrote:

Stephen Berg (Contractor) wrote:
I'm searching for a method to display a consent to monitoring
statement on either GDM or KDM in Fedora 9. I'm not tied into
either display



<SNIP>
I've got it working for text logins like ssh but the problem is logging
in via GDM and/or KDM in a gui environment. Users are required to
acknowledge the consent statement before logging in to the system.
Since gdm-simple-greeter is missing these days, what used to be simple
is now becoming a problem.




Are you interpreting the requirement as a
"The user must actively press a button" 'acknowledge the consent statement'
or
"by continuing to log into this system you agree/understand the following"
'acknowledge the consent statement'


if you are good with the second meaning then the Welcome setting in
/etc/gdm/custom.conf is what you are looking for.


https://www.redhat.com/archives/fedora-list/2007-December/msg01819.html

modulus:
https://www.redhat.com/archives/fedora-test-list/2008-May/msg00087.html
https://www.redhat.com/archives/fedora-test-list/2008-May/msg00117.html
https://www.redhat.com/archives/fedora-test-list/2008-May/msg00104.html
https://www.redhat.com/archives/fedora-test-list/2008-May/msg00276.html
https://www.redhat.com/archives/fedora-test-list/2008-May/msg00289.html
https://www.redhat.com/archives/fedora-test-list/2008-May/msg00297.html



on F8 in /etc/gdm/custom.conf I had to set

[greeter]
Use24Clock=yes
DefaultWelcome=false
Welcome=our

- multi line message
BackgroundType=1
GraphicalTheme=circles
Browser=false

to get something reasonable. I have not bothered with F9 yet as the whole
thing looks like a mess yet.

Please let us know if this gets you where you need to be.

--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Tim 07-17-2008 01:36 AM

Acknowledge consent before login
 
On Wed, 2008-07-16 at 15:25 -0500, Stephen Berg (Contractor) wrote:
> I've got it working for text logins like ssh but the problem is
> logging in via GDM and/or KDM in a gui environment. Users are
> required to acknowledge the consent statement before logging in to the
> system.

If you're liberal in how you acknowledge acknowledgement being
acknowledged, you could write the agreement into the graphic used as the
background for GDM/KDM/etc, and just take the entry of the username and
password as being the user agreeing.

Personally, I don't see that clicking on an additional "yes" button
makes any difference. I'll click on it and lie, anyway. Or not abuse
the system, anyway.

--
[tim@localhost ~]$ uname -r
2.6.25.9-76.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

g 07-17-2008 03:20 AM

Acknowledge consent before login
 
Tim wrote:

Personally, I don't see that clicking on an additional "yes" button
makes any difference. I'll click on it and lie, anyway. Or not abuse
the system, anyway.


not for sure, but he may be talking about a military base use.

not a good place to lie about such things.


--

tc,hago.

g
.

in a free world without fences, who needs gates.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Tim 07-17-2008 03:57 AM

Acknowledge consent before login
 
Tim:
>> Personally, I don't see that clicking on an additional "yes" button
>> makes any difference. I'll click on it and lie, anyway. Or not abuse
>> the system, anyway.

g:
> not for sure, but he may be talking about a military base use.
>
> not a good place to lie about such things.

I'm inclined to make a pithy comment about the military and truth, but I
don't think I'll bother. ;-)

Going back to what I said earlier, though. There's little difference
between "by logging on you consent to..." and an extra "by clicking on
'yes' you consent to..." (after you've already logged on, or before you
do so). Either the user is going to obey or abuse, they're informed of
their obligations either way, clicking on one more thing isn't going to
force them to do what they should.

I can't help but wonder if Fedora would be appropriate for military use,
though. I doubt it'd have enough checks made on the code being used for
it to be cleared. Whether that be for security, or simply for
reliability.

--
[tim@localhost ~]$ uname -r
2.6.25.9-76.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

g 07-17-2008 05:04 AM

Acknowledge consent before login
 
Tim wrote:

I'm inclined to make a pithy comment about the military and truth, but I
don't think I'll bother. ;-)


there is a lot of controversy about such, some of which i might tend to
agree. not bothering, i do agree with. this list is just not place for
it, even as an 'ot'.


Going back to what I said earlier, though. There's little difference


i can tell you have never been in military, as there is a long and true
saying. 'there is a right way, a wrong way, and a military way'.


their obligations either way, clicking on one more thing isn't going to
force them to do what they should.


no. it does not. but it does give warning and from this warning, if they
violate, then they are subject to full military prosecution.


I can't help but wonder if Fedora would be appropriate for military use,


i am at wonder about use of fedora also. my understanding is that only
redhat has meet government and military requirements.


--

tc,hago.

g
.

in a free world without fences, who needs gates.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list


All times are GMT. The time now is 12:39 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.