Bug 112453

Summary: Tilde-user lookups in .login hang shell
Product: [Fedora] Fedora Reporter: Stephen Walton <stephen.walton>
Component: tcshAssignee: Miloslav Trmač <mitr>
Status: CLOSED RAWHIDE QA Contact: Bill Huang <bhuang>
Severity: medium Docs Contact:
Priority: medium    
Version: 1CC: deekej
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: 6.13-6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-09-15 01:53:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Stephen Walton 2003-12-19 22:40:11 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)
Gecko/20031114

Description of problem:
If one uses the "~user" form in a .login file AND the user in question
is handled by OpenLDAP authentication AND is a member of an LDAP
group, then tcsh hangs until control-C is hit.  The problem does not
occur with bash, nor does it occur if the user is a member of a group
which appears in the local /etc/group file.

Version-Release number of selected component (if applicable):
tcsh-6.12-5

How reproducible:
Always

Steps to Reproduce:
1. Set up a Fedora workstation which connects to an LDAP server for
authentication;  I use the 'firstboot' dialog to do this.

2. Create an LDAP user whose group is not in /etc/group.  I used the
following LDIF:

dn: uid=testuser, ou=people,dc=foo,dc=com
uid: testuser
cn: Joe Testuser
homeDirectory: /home/testuser
uidNumber: 508
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 500
userPassword: [insert password here]
loginShell: /bin/tcsh

and added this user with the ldapadd command.

3.  In the above user's home directory, create a .login file
containing the single line

echo ~testuser

4.  Log in as testuser.


Actual Results:  The echo command succeeds but no shell prompt appears
until you hit control-C.

Expected Results:  The echo command should succeed and the prompt
should then appear.

Additional info:

If you change the group number for testuser to 100 (the 'users' group
in /etc/group), one gets the result one expects.

This may be related to bug 105886, although I have never had the
problem described there myself.

Comment 1 Miloslav Trmač 2004-09-15 01:53:20 UTC
Fixed in tcsh-6.13-6, which should show up in rawhide after FC3t2
is released.

Comment 2 David Kaspar // Dee'Kej 2016-04-20 14:08:41 UTC
The package 'nss_ldap' is now obsolote (has been retired) and is no longer part of Fedora. It was superseded by 'nss-pam-ldapd' and 'sssd'.

I tried to reproduce this issue with the current way of LDAP authentication via the FreeIPA/SSSD, but I was not successful. The issue has been most likely mitigated with the new identity management.

And because the patch for this BZ was never accepted by the upstream (and Fedora tries to be close to upstream as much as possible), I will be removing that patch from the 'tcsh' package in the F24 version.

In case anybody finds himself/herself affected by this issue in the future, feel free to reopen this BZ or create a new one.