Bug 10392

Summary: kdm doesn't allow user login.
Product: [Retired] Red Hat Linux Reporter: Luca Bonomi <luca.bonomi>
Component: kdebaseAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 6.2CC: schiotz
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-07-15 05:04:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Luca Bonomi 2000-03-28 15:49:41 UTC 
Hi, I found this strange behaviour:
I am using NIS with shadow passwords.
If I try to login as a user through kdm I get "Login failed".
Other login managers (console login, xdm) are working correctly.
Note that once you manage to login (e.g. using xdm), the kde lock screen
will return a password failure as well.

kdm works fine for user "root".

I've also tried to disable NIS, create a "test" user and copy my encrypted
passwd to the "test" entry in the /etc/shadow file. kdm fails with "Login
failed" for user "test". I deduce NIS is not the problem.
Then I have assigned a locally generated passwd to "test". This was created
as an md5 passwd and kdm works correctly.
Is that some trouble with kde and non-md5 passwords?

Thanks!
Comment 1 Luca Bonomi 2000-03-30 13:27:59 UTC 
Trying to narrow it down:

I have removed the kdebase, kdelibs and kdesupport that come with redhat 6.2 and
installed the older kde 1.1.2 packages I was using with Redhat 6.1:

kdebase-1.1.2-11.i386.rpm
kdebase-lowcolor-icons-1.1.2-11.i386.rpm
kdelibs-1.1.2-9.i386.rpm
kdelibs-devel-1.1.2-9.i386.rpm
kdesupport-1.1.2-3.i386.rpm

With the old version I can login again.
Comment 2 Luca Bonomi 2000-04-14 13:12:59 UTC 
I have noticed that if you comment out the line

auth       required    /lib/security/pam_shells.so

from the file "/etc/pam.d/kde", both kdm and klock will work correctly.
Now, why kde is using the "/lib/security/pam_shells.so" module? Any security
implications in my action?
Comment 3 Seth Vidal 2000-07-15 05:04:41 UTC 
IF your users shell is not listed in /etc/shells they won't be able to login.

MAke sure the COMPLETE path to your users shell is listed in /etc/shells and kdm
and klock should work.
Comment 4 Bernhard Rosenkraenzer 2000-08-04 13:12:48 UTC 
It's a feature - users with a shell of /dev/null, /bin/false or anything else
that is not listed in /etc/shells aren't supposed to be able to log in.