Roman - Thanks for the insight - xdm and kdm run fine. Neither of them run as suid root.t I'm looking into the strace now. - Steve --- Roman Drahtmueller <draht@suse.de> wrote:

Stephen,

It would be useful to know if the system is accessible if you run xdm or kdm instead of gdm. Unfortunately, I can't reproduce your problem right now.

Most liklely, the origin of the failure comes out of one or two corners:

1) a permission problem. You would have to strace or ltrace the binary to get more details (maybe the process changes euid and runs into a closed device file). Insert `strace -f -o /strace.gdm� before the "startproc" in /sbin/init.d/xdm. (kill the process with an atjob or alike to regain control again!)

2) a locale problem, or a mixture with 1). Since the thing works with gdm ran as root, the profile settings in one or more of /etc/rc.status, /etc/rc.config, /etc/SuSEconfig/profile may be the culprit.

If nothing helps, comment out line 29 in /sbin/init.d/xdm (which reads like "export $var") and see what it does.

Thanks, Roman. -- - - | Roman Drahtm�ller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | N�rnberg, Germany (Batman Costume warning label) | - -

...

Folks -

I ran the harden suse scripts today and have run into a little problem with gdm.

System is clean suse 6.4 install, clean helix-gnome 1.2 install. run level 3 booted to gdm login window.

Before running the harden script (options y y y y n n y n y y - modified workstation) on startup I would get the gdm login window. I could switch back to console 1, and log in either way.

Now I boot to the gdm login window - it accepts no keyboard inputs, making it impossible to login or change consoles.

Interestingly enough, now that it is disabled, I can run gdm fine from a root login and behavior is as expected.

This probably has something to do with some of the permission resets and that gdm can access the keyboard - can someone point me in the right direction for repairing this, or help me understand the benefit of this behavior.

Thanks.

- Steve

__________________________________________________ Do You Yahoo!? Kick off your party with Yahoo! Invites. http://invites.yahoo.com/