/
Why is the lightdm's login screen (greeter) able to turn off or reboot the remote server?

Why is the lightdm's login screen (greeter) able to turn off or reboot the remote server?

On the XDMCP login screen (Greeter), there is a menu to manage server power. This menu works on the console locally, but not remotely.

When installing and using lightdm as an XDMCP daemon on Redhat Enterprise Linux, CentOS, Rocky Linux, etc., the remote login screen provides power functions, which can be a problem. When accessing remotely, this function should be restricted.

The following are the required configurations to prevent power control of equipment from the Greeter screen.

  1. Open the /etc/lightdm/lightdm-gtk-greeter.conf file with root privileges.

  2. Uncomment the ‘#show-indicators=’ section and register only the necessary functions. The function that controls the power of the Linux device is '~power', so do not include it.

    ... # show-indicators = semi-colon ";" separated list of allowed indicator modules. Built-in indicators include "~a11y", "~language", "~session", "~power". Unity indicators can be represented by short name (e.g. "sound", "power"), service file name, or absolute path ... [greeter] background=/usr/share/backgrounds/day.jpg #theme-name= #icon-theme-name= #font-name= #xft-antialias= #xft-dpi= #xft-hintstyle= #xft-rgba= show-indicators=~session;~language;~a11y #show-clock= #clock-format= #keyboard= #position= #screensaver-timeout= ...

     

  3. Restart lightdm.

    # systemctl restart lightdm