Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
When we add a user via sssd to a system, and the user had no loginShell attribute in LDAP, the user is treated as system user and does not show up in the user list of GDM.
Version-Release number of selected component (if applicable):
accountsservice-0.6.35-12.el7.x86_64
gdm-3.14.2-19.el7.x86_64
sssd-1.14.0-43.el7.x86_64
How reproducible:
For every user without a log in shell set
Steps to Reproduce:
1. Create a user in LDAP without the loginShell attribute
2. Use sssd to set up the user
Actual results:
User is seen as system user and does not show up in GDM
Expected results:
If the loginShell is empty, the system should fall back to the system default shell as set in /etc/default/useradd
Comment 2Ray Strode [halfline]
2016-11-10 20:26:37 UTC
maybe. I do wonder if some system services will start showing up as normal user accounts if we do this.
mmhhh.. good point. Maybe System user/Accounts should be (if not other needed) set to loginShell as /sbin/nologin (or /bin/false)?
Comment 4Ray Strode [halfline]
2019-02-20 21:01:55 UTC
looks like the login command does this:
→ if (pwd->pw_shell == NULL || *pwd->pw_shell == '\0')•
→ → pwd->pw_shell = _PATH_BSHELL;•
where _PATH_BSHELL is libc defined default bourne shell ("/bin/sh").
perhaps accountsservice should use the same logic.
Comment 5Ray Strode [halfline]
2019-02-20 21:07:33 UTC
i've filed https://gitlab.freedesktop.org/accountsservice/accountsservice/issues/69 for now. I think we should deal with this upstream, and potentially backport the change down the road (maybe just in rhel8 following a rebase?).
Closing, but if you were really hoping to see this land in rhel 7 on a more accelerated schedule, please reopen.