Bug 1814454

Summary: Cannot login with usernames that contain a period
Product: [Fedora] Fedora Reporter: Thomas Simmons <twsnnva>
Component: systemdAssignee: systemd-maint
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 32CC: jesus, lnykryn, msekleta, ssahani, s, systemd-maint, twsnnva, zbyszek
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: systemd-245.4-1.fc32 Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-04 00:45:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Thomas Simmons 2020-03-17 23:16:19 UTC
Description of problem:
After upgrade to Fedora 32 you cannot login with a username that contains a period. Research suggest other OS's have the same issue with this version of systemd. Example below.

https://bugs.gentoo.org/708824


Version-Release number of selected component (if applicable):
# yum info systemd
Last metadata expiration check: 0:18:39 ago on Tue 17 Mar 2020 06:51:11 PM EDT.
Installed Packages
Name         : systemd
Version      : 245~rc1
Release      : 4.fc32
Architecture : x86_64
Size         : 13 M
Source       : systemd-245~rc1-4.fc32.src.rpm

How reproducible:


Steps to Reproduce:
1. Create a username with a period
2. Attempt to login
3.

Actual results:

When login is attempted no error is displayed however you are not logged in and brought back to the login screen. This does not occur with users that do not have a period in the username.

Expected results:

Successful login.

Additional info:

/var/log/secure
Mar 17 18:58:10 focus-lnx gdm-password][4153]: pam_sss(gdm-password:auth): authentication success; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=a.user
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: unable to locate daemon control file
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: stashed password to try later in open session
Mar 17 18:58:10 focus-lnx gdm-password][4153]: pam_systemd(gdm-password:session): Failed to get user record: Invalid argument
Mar 17 18:58:10 focus-lnx gdm-password][4153]: pam_unix(gdm-password:session): session opened for user a.user by (uid=0)
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: unable to locate daemon control file
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
Mar 17 18:58:13 focus-lnx gdm-password][4153]: pam_unix(gdm-password:session): session closed for user a.user
Mar 17 18:58:24 focus-lnx gdm-password][4283]: gkr-pam: unable to locate daemon control file

Comment 1 Fedora Update System 2020-04-01 23:33:17 UTC
FEDORA-2020-c4623add1f has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-c4623add1f

Comment 2 Fedora Update System 2020-04-02 02:17:17 UTC
FEDORA-2020-c4623add1f has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-c4623add1f`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-c4623add1f

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 3 Fedora Update System 2020-04-04 00:45:40 UTC
FEDORA-2020-c4623add1f has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 4 jesus 2020-05-18 18:59:39 UTC
Same problem here, after upgading from FC30. My enterprise login (kerberos) username does not have any dot in it.

Journalctl errors for AD domain users:

May 18 20:51:55 fos.madrid.medios.es audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=fprintd comm=“systemd” exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success’
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: pam_sss(gdm-password:auth): authentication success; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=sanmi@madrid.medios.es
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_AUTH pid=15258 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_succeed_if,pam_sss,pam_gnome_keyring acct=“sanmi@madrid.medios.es”>
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: unable to locate daemon control file
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: stashed password to try later in open session
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_ACCT pid=15258 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct=“sanmi@madrid.medios.es” exe="/usr/libexec/gdm-session-w>
May 18 20:51:58 fos.madrid.medios.es audit[15258]: CRED_ACQ pid=15258 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss,pam_gnome_keyring acct=“sanmi@madrid.medios.es” exe="/usr/libexec/gdm-s>
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: pam_systemd(gdm-password:session): Failed to get user record: Invalid argument
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: pam_unix(gdm-password:session): session opened for user sanmi@madrid.medios.es by (uid=0)
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: unable to locate daemon control file
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_START pid=15258 uid=0 auid=610201124 ses=13 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_keyinit,pam_namespace,pam_keyinit,pam_limits,pam_unix,>
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_LOGIN pid=15258 uid=0 auid=610201124 ses=13 msg=‘uid=610201124 exe="/usr/libexec/gdm-session-worker" hostname=? addr=? terminal=? res=success’