Red Hat Bugzilla – Bug 463345
RFE: disable history of users provided by ConsoleKit
Last modified: 2015-01-14 18:27:00 EST
Description of problem:
When gdm starts, all of the home directories of the recently logged in users get accessed. This causes a big problem on automated network home directories, because individual clients end up mounting a large number of users' directories.
On top of raising the bandwidth to our filers, we use kerberos, making it so that users get a large number of quota check permission denied errors every time they open a terminal (when the system attempts to get quota information).
I have the disable_user_list option set in the gconf, so there shouldn't be any 'per user' file access when gdm comes up.
On top of this, I can't seem to figure out where gdm is storing this list of recent users. I've basically grepped the whole disk on several clients, and deleted the utmp and wtmp.
I don't know exactly what file gdm is accessing (stracing gdm makes xorg spin on the computer's cpu for a really really long time), I would like to guess that it is trying to access ~/.face or similar.
Running version: gdm-2.22.0-6.fc10.i386
I looked into this a bit more. The problem is that a history of users is unconditionally getting loaded from ConsoleKit.
It would be nice to be able to disable this, possibly through adding a gconf key to conditionally call reload_ck_history in gdm/gui/simple-greeter/gdm-user-manager.c
It appears that just deleting the history works from my environment. I will likely use this fix, but it would be nice to see a uniform/easy way to disable this, so I may submit a patch in a few days, if no one responds/does it first.
Created attachment 317620 [details]
Disable reloading of ck users from default
Create an option to disable reloading of recently lgoged in users from consolekit. Also, disable reloading by default, heres my logic behind this:
1. Local users will be in the passwd file (gets loaded anyway)
2. All the rest of the accounts are probably networked users.
Problem with network users:
1. extra unnecessary ldap/nis lookups for user names
2. home directories get accessed, potentially (most likely) making an automounter mount them, and this can be expensive operation, when many clients are hammering filers for random users' directories
3. extra mount options (e.g. kerberos) can cause many permission denied errors to be displayed to users, when these directories are accessed, or even just mounted in some cases (e.g. quotacheck, etc).
For deployments where only a few people share clients, a system administrator can enable an option in the gconf to allow lookups of recent users.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.