User Account Dialog
A user account dialog.
- Targeted release: Fedora 13
- Last updated: 2009-11-23
- Percentage of completion: 10%
We have lots of (somewhat dated) design and scoping work that was done in Spring 2008: http://people.redhat.com/mclasen/user-account3.pdf.bz2
Ubuntu seem to be plan working on something similar, see https://wiki.ubuntu.com/DesktopTeam/Specs/Lucid/UserAccountManagement
The goal of this feature is create a single tool that allows to create new users and edit user-related information in single-user systems or small deployments. Big deployments and enterprise-level systems are not a target (we think those are better-served with a web interface for their directory server...).
The tool will (at least partially) replace the functionality of several existing components, such as system-config-users, gnome-about-me, the former gdmsetup, firstboot, the former polkit-gnome-authorization...
Use cases that we hope to cover are:
- Creating the first user when the system boots for the first time
- Editing your own account data
- User account maintenance
- Configuring the login screen
- Temporary access to the system (guest account)
Benefit to Fedora
A user account dialog has been missing for a long time. It will make the Fedora Desktop more complete and narrow the gap to other operating systems.
- A dbus service providing user data needs to be written.
- The dialog itself needs to be written.
- Several desktop components should be modified to use the service as well, the most prominent one is gdm, followed by applications that maintain user-related data, such as evolution or empathy
- gdm needs to be modified to support setting passwords at first login, password hints, and disabled accounts
Note that this page describes the changes in the desktop spin related to this feature. Other spins, such as the KDE or Xfce spins, can of course use the DBus service in their own user management tool or just continue to use system-config-user. If people are willing to work on this for other spins, the scope of the feature can be extended.
How To Test
- Verify that gnome-about-me ('About me') and system-config-user ('Users and Groups') have been replaced by a single new menuitem ('Account management' or similar).
- Open the user account dialog. It should show you your own account data. Verify that you are able to change your own settings, such as user name or password. Verify that changing your account type requires privileges.
- Create a new account with the 'Add' button. Verify that this action requires privileges.
- Test that the various password generation policies work as intended (ie 'Random password' should generate something that looks random, and 'Memorable password' should generate something memorable)
- Verify that selecing 'Choose password at next login' has the desired effect at the next login
- Verify that 'Disable this account' has the desired effect
- Verify that password hints are displayed when necessary on the login screen
- Delete an account with the 'Remove' button. Verify that this action requires privileges.
- On the 'Login options' screen, enable autologin for your account (this requires privileges). Verify that you are automatically logged in after the next reboot
- Verify that changes to your account data (such as the icon or the user name) are reflected in the user switcher applet and in applications like evolution or emphathy)
Users will have a single place to edit their account data and similar user-related data.
For an idea how this tool will look, see the mockups in http://people.redhat.com/mclasen/user-account3.pdf.bz2
- SSSD: The DBus service would ideally rely on SSSD for most of its data storage needs. If SSSD is not ready or does not provide what we need, we can temporarily use our own data storage.
- PolicyKit: We want the dialog to be able to assign privileges/roles to users, for which we will rely on PolicyKit. PolicyKit 1.0 in F12 already provides the necessary framework for group-based policies (see the polkit-desktop-policy package), but minor adjustments might be necessary.
- gdm: We want the dialog to be able to configure certain aspects of the login, e.g. autologin. gdm needs to provide some interface for this.
- The dialog supersedes the functionality of several existing components: system-config-users, gnome-about-me, the former gdmsetup, firstboot. These will need to be obsoleted or adjusted to avoid the overlap.
Stay with the current set of tools.
Fedora 13 includes a new user account dialog. It lets you create and modify user accounts and setup basic user information such as privileges, email addresses, user photo, etc. The new dialog supersedes functionality that was previously available in a variety of tools, such as system-config-user, gnome-about-me, gdmsetup and polkit-gnome-authorization, and makes it available in one place.