On Thu, Jan 20, 2011 at 10:34 AM, Sorin Srbu sorin.srbu@orgfarm.uu.se wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Joshua Baker-LePain Sent: Wednesday, January 19, 2011 8:47 PM To: CentOS mailing list Subject: Re: [CentOS] How to disable screen locking system-wide?
By default, CentOS v5 requires a user's password when the system wakes up from the screensaver. This can be disabled by each user, but how can I disable this system-wide? Many of my users forget to do this, which results in workstations being locked up.
Ctrl-Alt-Bksp will fix that right up. I'm not a big fan of users leaving workstations unsecured when they walk away.
Wouldn't that kill any programs, or whatever, the user has running?
Yup, and it totally defeats the purpose of what the OP actually wanted todo. Imagine your account being busy with your year-end books, and has to run to the toilet (she is a bit sick) now you come and press CTRL+ALT+Bksp and loose everything she's done. And, if she had a lot of invoices and statements already processed then she may need to redo it. Now, how do you explain to your boss that you just cost him another day with an expensive accountant because you're too ignorant to properly address the issue?
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Rudi Ahlers Sent: Thursday, January 20, 2011 9:55 AM To: CentOS mailing list Subject: Re: [CentOS] How to disable screen locking system-wide?
By default, CentOS v5 requires a user's password when the system wakes up from the screensaver. This can be disabled by each user, but how can I disable this system-wide? Many of my users forget to do this, which results in workstations being locked up.
Ctrl-Alt-Bksp will fix that right up. I'm not a big fan of users leaving workstations unsecured when they walk away.
Wouldn't that kill any programs, or whatever, the user has running?
Yup, and it totally defeats the purpose of what the OP actually wanted todo. Imagine your account being busy with your year-end books, and has to run to the toilet (she is a bit sick) now you come and press CTRL+ALT+Bksp and loose everything she's done. And, if she had a lot of invoices and statements already processed then she may need to redo it. Now, how do you explain to your boss that you just cost him another day with an expensive accountant because you're too ignorant to properly address the issue?
Yeah, that's exactly what I was getting to. 8-)
Actually, I'd be interested in an answer to the OP's question too. So far I've always used a somewhat crude method to kill a users screen-saver to be able to get to the desktop...
Disabling the screen-saver's password-protection globally, while still keeping the screen-saver on and working, would be pretty nifty. We use mostly Gnome, and KDE here and there. Is this possible to do in either?
On Thursday, January 20, 2011 03:54:45 am Rudi Ahlers wrote:
Yup, and it totally defeats the purpose of what the OP actually wanted todo. Imagine your account being busy with your year-end books, and has to run to the toilet (she is a bit sick) now you come and press CTRL+ALT+Bksp and loose everything she's done. And, if she had a lot of invoices and statements already processed then she may need to redo it. Now, how do you explain to your boss that you just cost him another day with an expensive accountant because you're too ignorant to properly address the issue?
An IT admin should not be accessing the accountant's PC without the accountant or another financial person present, for control reasons (control in the financial, SCI, and auditing sense). There are significant regulatory compliance issues with your specific example.... :-) Just because it's company data doesn't mean it's open season for any IT admin to access. This is likely why CTRL-ALT-BACKSPACE is off by default, too.
If the PC is another IT admin's PC, that's a different story. But even then there are significant accountability issues, as when workstations are left unlocked anyone can come up and then do something as that user.
I understand what the OP wants to do, but honestly I think it's a bad idea to do it. If the setting is changed it should be on a per-user basis, since at that point the user can know about it, and there is a degree of informed consent there.
There may be a knob to do it, but I think there could be liability issues for tweaking that knob, which essentially changes all user's preferences without their informed consent. I know that I would not do this in my environment, because I don't want that liability.
But it definitely depends upon your specific environment. And, yes, users need to log out, and many places do fairly harsh discipline if a workstation isn't either locked or logged out in the user's absence.