Summary: done, usable, current solution is acceptable only in a cooperative multi-user environment, can be improved.
I wrote a usable-proof-of-concept patch to lightdm
that does the job.
It does what we need here!
See below for installation instructions.
Prerequisites
- A system with at least two user accounts and users willing to allow quick switch between graphical sessions without retyping passwords.
- Each user can use any desktop environment that fully uses
lightdm
, including using light-locker
for session locking. Unity and XFCE should work.
Tested with XFCE.
How to use, how to see the changes
Try this before performing the changes:
- have user A open a graphical session
- have user B open another graphical session
Now from any of the two session you can do :
dm-tool switch-to-user userA
or
dm-tool switch-to-user userB
Effect of the changes
Without the change you will see a login prompt requiring to type a password.
With the change you will see an immediate switch without login prompt.
Here the switch is really quick. Much quicker than in Ubuntu 12.04 and even without flickering in some cases.
Practical use
For maximum benefit, I recommend to create a launcher icon somewhere in a dock/panel/wharf (whatever it is called in your particular desktop environment) that when clicked runs:
dm-tool switch-to-user name-of-other-user
SECURITY WARNING
Applying the commands below replaces system's lightdm
packages with modified versions that allow switching between any two users currently being logged in a graphical session. This weakens system security, for example user A logs in graphically, locks session, walks away, user B logs in. User B can unlock user A session and switch to it any time it is opened. And the other way round (swap A and B).
The changes cannot be applied without administrator access (sudo
is assumed, especially for package install).
It works fine for us, but still, note that lightdm
is an important package and this might break it or introduce other subtle bugs. Breaking it will break ability to use graphical login sessions for all users. You are fully responsible for the use of the commands below. You have been warned.
Permanence warning
Changes are near-permanent. They stay after rebooting.
To revert them, install (using aptitude
, synaptic
or whatever) the regular lightdm*
packages which will replace the changed ones.
Notice that any time Ubuntu updates lightdm
packages, and the updates are installed, they will revert the changes. Administrator can apply them again.
Possible refinement (restore security)
This proof-of-concept could be refined by a clever use of e.g. Unix groups. lightdm
would only allow the switch if current and target users are listed in any group with a conventional filename, like lightdm-quickswitch-anystringfoo
.
Such a change (possible along with others) could be eventually merged into some official solution.
Commands
I suggest to login on a text console (press Ctrl-Alt-F1 and login) to do the steps below. This allows to restart lightdm without losing the current shell.
Copy-paste the commands below in a bash shell and it will adjust lightdm
to perform the changes.
(
set -euxv
echo Making sure system has necessary packages.
echo Installing packages will be done only once but might be long as it may fetch around 40Mbytes of data from the Internet.
sudo apt-get --assume-yes install devscripts
echo Enabling source packages in apt.
sudo sed -i '/^#\sdeb-src /s/^# *//' "/etc/apt/sources.list"
sudo apt-get update
sudo apt-get --assume-yes --no-install-recommends build-dep lightdm
THETEMPDIR=$( mktemp -d )
cd $THETEMPDIR
echo Getting package source
apt-get source lightdm
cd */
pwd
if [ -d .pc ]
then
quilt push -a || echo "Quilt returned an error code, we ignore it because we saw it was sometimes irrelevant."
quilt new allow_switch_between_logged_users_without_authentication
quilt add src/seat.c
fi
patch -p0 <<EOF
--- src/seat.c 2016-07-29 05:19:45.000000000 +0200
+++ src/seat.c 2016-08-15 19:37:11.693364683 +0200
@@ -1578,6 +1578,20 @@
l_debug (seat, "Switching to user %s", username);
+ if (session)
+ {
+ l_debug (seat, "WIP quick switch: found inactive existing user session, switching to it: %s. For details, see https://askubuntu.com/questions/811953/switching-between-two-opened-x-sessions-without-reauthenticating", username);
+
+ session_unlock (session);
+ seat_set_active_session (seat, session);
+
+ l_debug (seat, "WIP quick switch to user complete: %s. For details, see https://askubuntu.com/questions/811953/switching-between-two-opened-x-sessions-without-reauthenticating", username);
+ return TRUE;
+ }
+
+ l_debug (seat, "WIP quick switch: no session for user, switching to greeter: %s. For details, see https://askubuntu.com/questions/811953/switching-between-two-opened-x-sessions-without-reauthenticating", username);
+
+
/* Attempt to authenticate them */
session = create_user_session (seat, username, FALSE);
g_signal_connect (session, SESSION_SIGNAL_AUTHENTICATION_COMPLETE, G_CALLBACK (switch_authentication_complete_cb), seat);
EOF
if [ -d .pc ]
then
quilt refresh
ls -al debian/patches/allow_switch_between_logged_users_without_authentication
cat debian/patches/allow_switch_between_logged_users_without_authentication
fi
echo Building modified packages.
dch -lquickswitch "Allow dm-tool switch-to-user username to switch without authentication if user session is already opened. WARNING: this negates local security. For details, see https://askubuntu.com/questions/811953/switching-between-two-opened-x-sessions-without-reauthenticating"
head debian/changelog
time dpkg-buildpackage -rfakeroot -uc -b
echo Installing modified packages.
cd ..
PACKAGESTOINSTALL=$( for DEBNAME in *.deb ; do PACKAGENAME="$( echo "$DEBNAME" | cut -f 1 -d _ )" ; if dpkg -l $PACKAGENAME | grep -q ^ii ; then echo $DEBNAME ; fi ; done ) ; sudo dpkg --install ${PACKAGESTOINSTALL}
dpkg -l '*lightdm*'
)
Notice that the command below will close immediately all graphical sessions without a chance to save data, so all users should close applications properly and save needed data first.
If packages did install well, the change can be activated immediately with :
sudo service lightdm restart
or by rebooting.
Feedback
Does it work for you? Can you think of a variant?
Feedback welcome.
Best Answer
add user
-m means add home directory, -s means the following is their login shell
remove user password
now to allow passwordless logins you need to edit a text file
OR
AND REPLACE THE LINE
WITH
.
.
.
To revert your change simply re-add "_secure" at the end. Or just make a backup of the original file
I believe the main reason *nixers are so obnoxious about passwords is actually to protect network data moreso than physical drive data. That said there is a time and place for EVERYTHING. imo. I run apache/ircd/smtp as root because its on my old android on a sandboxed network.