gdm

Dagmar d'Surreal dagmar at speakeasy.net
Tue Jun 17 17:35:13 PDT 2003


On Tue, 2003-06-17 at 02:47, Michael A. Peters wrote:
> On Mon, 2003-06-16 at 18:40, Dagmar d'Surreal wrote:
> > 
> > Okay, you're really reaching here... Only root can send signals to GDM. 
> > If root should fire off kill signals to things, they are supposed to
> > fall over.  This isn't likely to change (unless j00 g3t 0wn3d).  GDM
> > starts X, and is therefore it's parent.  Unless GDM stays it's parent,
> > it's really not got much of a way to know when it should grab control of
> > the display again when the user logs out.
> 
> webmin.
> gnome-setup-tools.
> countless other admin interfaces to allow system administration.
> 
> If you accidentally tell apache to restart when you meant to tell ftpd
> to restart (after applying security patch for fast spreading worm) -
> it's a bummer, but it you accidentally tell gdm to restart - you can (on
> a multi-user system) end up logging a lot of people out of their
> desktops.

First off I want to mention for those in the peanut gallery that this
has zero impact on probably 99% of the installations out there, since
not all that many places are using full thin-clients on their desktops.

Secondly, if you accidentally tell X to restart pretty much the same
thing will happen.  The same thing will also happen if you accidentally
tell the machine to reboot.  Worse will happen if you accidentally tell
the machine to change to runlevel 3 because the poor thin-client users
won't be able to log back in and will wander around the office like
zombies looking for support staff to eat until things are made better.

It is a fool's game to try to protect the system from the
administrator.  The system is supposed to do what the administrator asks
without trying to contradict or second-guess them.  The administrator
for his part is supposed to be competent and not prone to such poor
motor control that they mis-click and destroy things using a GUI.  If
you want sassback from your systems, run Windows.

> True, the issue also exists with accidentally restarting sshd etc. but
> typically an ssh session in not the users primary desktop, they are
> running ssh from within another desktop on another system, and only
> running a limited of number of apps through ssh. The damage of killing
> their connection isn't as likely to be as devastating as killing people
> logged into a remote desktop via gdm.

Allow me to introduce you to a concept apropos to critical production
services called a "maintenance window".  If there's a risk the admin can
crash the main X server and shut down everyone's desktop in the office,
then the admins are simply not supposed to be screwing around with that
equipment during working hours, and instead _only_ during a pre-declared
time period when the entire office knows that all bets are off, they
could be logged out forcibly at any time, and that even the overhead
lights might be subject to sudden deactivation.
> -=-
> Granted - an unlikely scenario.
> But how often do you corrupt your XFree86 config file to make running
> gdm from an init beneficial?

Probably less often than someone with parkinson's does trying to restart
services with a GUI, but considering that when it _does_ happen (for
reasons like sticking a USB mouse in when XFree86 is expecting a PS/2
mouse, which will tank it) you wind up with a madly cycling XFree86 or a
missing mouse and/or keyboard, it's worth taking that extra moment to
make sure it'll behave properly.  More to the point, anything someone's
doing devel work on (which I think LFS-based machines would be included
in by default) is at risk of shared library breakage which could keep
gdm from running at all.

> Really when modifying XFree86 config file it should be done and tested
> from run level 3 anyway. Oh - and not having your mouse plugged in (as
> someone suggested) I don't think that would affect gdm's ability to run.
> I believe gdm runs just fine on headless servers with no mouse and
> keyboard - as gdm is often used in thin client environments.

Not "someone", me.  If you have in your config file a mouse device
specified as CorePointer and it doesn't exist when XFree86 starts, you
can be very sure that XFree86 will complain about it and exit.  You may
only assign one CorePointer device in the config for 4.3.x, although you
may merrily have mutliple devices sending signals to it, the CorePointer
designated pointing device _must_ be there unless you've pre-configured
XFree86 not to need a pointer at all.

As to the business about running GDM on a headless server... put down
the crack pipe and step away from the keyboard.  GDM does not care
whether or not there is a mouse or keyboard present.  XFree86 is what
depends on those, and yes, while it can merrily operate without them, it
has to be specially configured in advance to not be bothered by the lack
of them. 

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-dev' in the subject header of the message



More information about the blfs-dev mailing list