Linux as a kiosk: automatic log-ins with GNOME
Home entertainment systems and public kiosks are often required to boot up without human interference, so they can be set-up quickly after being moved to a different physical location, or survive power outages. Due to their public nature, different people use the same system user, which must be logged in automatically. To set this up, we must tell Linux two things: which user to log in by default, and that this user does not require any authentication.
Restrict user privileges
First, create or choose the user you want the public to use. Because everybody and anybody will have access to this user, it must not have more privileges than absolutely necessary. It’s often a good idea to create a completely new user, so group memberships and permissions can be tailored to the few tasks the public must be able to perform.
We need to tell the display manager it must log in this user automatically. This requires a small change to a
configuration file. Ensure
/etc/gdm3/custom.conf contains the following two lines, where
bart must be replaced with
the name of your unprivileged user:
AutomaticLoginEnable = true AutomaticLogin = bart
We have told Linux which user to log in automatically, but this will still require a password when resuming an existing
log-in session after the screen has gone blank or the machine has been suspended. We’ll use a
PAM config file to tell Linux our user
requires no authentication at all. Edit
/etc/pam.d/gdm-password and put the following line at the beginning of the
bart must again be replaced with the name of your unprivileged user:
auth sufficient pam_succeed_if.so user = bart
Whenever Linux tries to authenticate a user called
bart, that is sufficient, and no other steps, such as a
password, are necessary. This effectively disables any authentication for this user.
Now your machine can be rebooted, and you should see it go straight to your unprivileged user’s desktop!