From 45654e9e3c821afd0e1e6691a7f443580ec99bf3 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Mon, 13 Jun 2011 13:18:14 -0400
Subject: doc: mention new split authentication feature

This commit updates the docs to mention the new
split authentication feature recently added.
---
 docs/C/gdm.xml | 32 +++++++++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/docs/C/gdm.xml b/docs/C/gdm.xml
index c5103019..fc8b57b4 100644
--- a/docs/C/gdm.xml
+++ b/docs/C/gdm.xml
@@ -265,17 +265,39 @@
       <para>
         The greeter program is run as the unprivileged "gdm"
         user/group.  This user and group are described in the
-        "Security" section of this document.  The main function of
-        the greeter program is to authenticate the user.  The authentication
+        "Security" section of this document.  The main functions of
+        the greeter program are to provide a mechanism for selecting
+        an account for log in and to drive the dialogue between
+        the user and system when authenticating that account. The authentication
         process is driven by Pluggable Authentication Modules (PAM).  The PAM
         modules determine what prompts (if any) are shown to the user to
         authenticate.  On the average system, the greeter program will request
         a username and password for authentication.  However some systems may
-        be configured to use alternative mechanisms such as a fingerprint or
-        SmartCard reader.  GDM and PAM can be configured to not require any
+        be configured to use supplemental mechanisms such as a fingerprint or
+        SmartCard readers. GDM can be configured to support these
+        alternatives in parallel with greeter login extensions and the
+        <command>--enable-split-authentication</command>
+        <filename>./configure</filename> option, or one at a
+        time via system PAM configuration.
+      </para>
+
+      <para>
+         The smartcard extension can enabled or disabled via the
+         <filename>org.gnome.display-manager.extensions.smartcard.active</filename>
+         gsettings key.
+      </para>
+
+      <para>
+         Likewise, the fingerprint extension can enabled or disabled via the
+         <filename>org.gnome.display-manager.extensions.fingerprint.active</filename>
+         gsettings key.
+      </para>
+
+      <para>
+        GDM and PAM can be configured to not require any
         input, which will cause GDM to automatically log in and simply
         start a session, which can be useful for some environments, such as
-        for kiosks.
+        single user systems or kiosks.
       </para>
 
       <para>
-- 
cgit v1.2.1