[OpenAFS] Re: Ubuntu 10.04 Login Issues

Andrew Deason adeason@sinenomine.net
Wed, 22 Dec 2010 14:58:46 -0500

On Wed, 22 Dec 2010 14:35:05 -0500 (EST)
"Thomas M. Payerle" <payerle@umd.edu> wrote:

> I do not see any good ways to get around this.  Allowing something
> w/out user's tokens read access to ~/.Xauthority seems rather
> questionable, plus awkward as needs some access to ~ as well.  Could
> probably hack gnome-screensaver to pass the magic cookie, etc. to the
> dialog process to avoid it requiring access to ~/.Xauthority, but I
> doubt gnome-screensaver maintainers would be interested in supporting
> that sort of change for a small user base of AFS users.

Store the user's Xauthority on local disk, not in AFS (/tmp, /var/tmp,
et al work fine). GDM and other display managers have an option for
this; it's typically recommended whenever $HOME is on any network

Andrew Deason