Information
GDM is the GNOME Display Manager which handles graphical login for GNOME based systems.
The disable-user-list option controls if a list of users is displayed on the login screen
Displaying the user list eliminates half of the Userid/Password equation that an unauthorized person would need to log on.
Solution
- IF - GDM is installed:
Run the following script to enable the disable-user-list option:
Note: the l_gdm_profile variable in the script can be changed if a different profile name is desired in accordance with local site policy.
#!/usr/bin/env bash
{
l_gdmprofile="gdm"
if [ ! -f "/etc/dconf/profile/$l_gdmprofile" ]; then
echo "Creating profile \"$l_gdmprofile\""
echo -e "user-db:user
system-db:$l_gdmprofile
file-db:/usr/share/$l_gdmprofile/greeter-dconf-defaults" > /etc/dconf/profile/$l_gdmprofile
fi
if [ ! -d "/etc/dconf/db/$l_gdmprofile.d/" ]; then
echo "Creating dconf database directory \"/etc/dconf/db/$l_gdmprofile.d/\""
mkdir /etc/dconf/db/$l_gdmprofile.d/
fi
if ! grep -Piq '^h*disable-user-listh*=h*trueb' /etc/dconf/db/$l_gdmprofile.d/*; then
echo "creating gdm keyfile for machine-wide settings"
if ! grep -Piq -- '^h*[org/gnome/login-screen]' /etc/dconf/db/$l_gdmprofile.d/*; then
echo -e "
[org/gnome/login-screen]
# Do not show the user list
disable-user-list=true" >> /etc/dconf/db/$l_gdmprofile.d/00-login-screen
else
sed -ri '/^s*[org/gnome/login-screen]/ a# Do not show the user list
disable-user-list=true' $(grep -Pil -- '^h*[org/gnome/login-screen]' /etc/dconf/db/$l_gdmprofile.d/*)
fi
fi
dconf update
}
Note: When the user profile is created or changed, the user will need to log out and log in again before the changes will be applied.