LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices



Reply
 
Search this Thread
Old 10-24-2008, 04:20 AM   #1
elchupanebre
LQ Newbie
 
Registered: Oct 2008
Posts: 3

Rep: Reputation: 0
GDM: Access login credentials after login


Hi,

I have to run a few commands after the user logged in. As I'm using GDM as login manager so there is /etc/gdm/PostLogin/Default script which is able to handle that.

Some of that commands need the users login name and password. Login name is not a problem as $LOGNAME contains that information, but is it possible to access the users password after he has logged in into GDM?

Thanks for your help
El
 
Old 10-24-2008, 05:34 PM   #2
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
Can you explain a bit more why you need this info? Sounds like you want to keylog someones info, which is against the rules: http://www.linuxquestions.org/linux/rules.html
 
Old 10-25-2008, 03:37 AM   #3
elchupanebre
LQ Newbie
 
Registered: Oct 2008
Posts: 3

Original Poster
Rep: Reputation: 0
Oh, yeah sure!

I manage our universities network and we plan to introduce 802.1x to authenticate the students using our network. 802.1x authentication works well using wpa_supplicant but gui support for wired connections is terrible. The solution has to be as easy as possible.

The idea is that /etc/gdm/PostLogin/Default starts wpa_supplicant and provides the users login credentials via wpa_cli.

Code:
### SETUP NETWORK INTERFACE
#
INTERFACE="eth0"
#
# prompt for users password field
#
if ! PASS=`zenity --entry --hide-text --text "To gain access to the network please enter the password for user \"$LOGNAME\" again:"`; then
  exit;
fi
#
# restart network interface
#
ifconfig $INTERFACE down
ifconfig $INTERFACE up
#
# start wpa_supplicant and provide users login credentials
#
wpa_supplicant -D wired -i $INTERFACE -c /etc/wpa_supplicant.conf -f /var/log/wpa_supplicant.log -B
wpa_cli identity network $LOGNAME
wpa_cli password network $PASS
#
sleep 3
#
# start DCHP request
#
dhclient $INTERFACE
#
It works quite well but it's ugly to prompt for the users password. It would be much smoother if I could grab it from GDM so the users won't recognize the authentication process.
 
Old 10-29-2008, 03:37 PM   #4
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
Would you not store this information in the users keyring? That way, the wireless network can pull up info from keyring...
 
Old 10-30-2008, 05:19 AM   #5
elchupanebre
LQ Newbie
 
Registered: Oct 2008
Posts: 3

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by irishbitte View Post
Would you not store this information in the users keyring? That way, the wireless network can pull up info from keyring...
It's not about authenticating against a wireless network. It's about authenticating against a wired network.

How could I store the credentials in the users keyring? And how could I access them because wpa_supplicant has to run as root.
 
Old 10-30-2008, 05:53 AM   #6
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
I'd recommend reading some howto's found with the google terms: 'robust secure network' linux ccmp

I hope you aren't using wpa_psk protocol. The password in that case would be the same for all of the students. The wpa_password isn't the
same as the password that is used for authentication into a host.

If these are fixed lab computers and not the students' own laptops, then I suppose you could have a 'secret' in a file if the
students don't have root access. But if this is the case, why don't the login credentials control who has access to the network?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
xdmcp gdm vnc remote access on Fedora 9 login problem JSLayton Linux - Software 1 09-23-2008 03:53 PM
Samba Printing without Login/Credentials luke802 Linux - Software 0 12-23-2007 09:46 AM
NIS/LDAP alternative: manual-copy-of-login credentials utility? mattengland Linux - Software 0 09-11-2005 11:19 PM
Mapping windows directory to linux client automatically at login with credentials bschneider Linux - Networking 13 05-12-2005 11:21 AM
X login using GDM koyi Slackware 2 07-25-2003 12:00 AM


All times are GMT -5. The time now is 01:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration