Red Hat Bugzilla – Bug 141380
gdm passes user input to sessreg, rather than pwent
Last modified: 2007-11-30 17:07:05 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
Maxthon; .NET CLR 1.1.4322)
Description of problem:
Many pam/nss modules (IE: winbind, ldap, etc..) allow the user to
enter a non-Unix username at the login prompt. IE: domain+user,
user@domain, domain\\user, etc... Since gdm passes exactly what was
typed to sessreg, it will often fail, or worse, create non-sensical
All such pam modules will map the non-standard name to a standard one
and either find or generate a correct password entry structure.
A simple change to gdm to pass the username from the pwent rather
than what the user typed in. The pwent name should also be used for
environment variables as well.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure windbind, log in using the Windows username including a
space or some other non-unix friendly character.
Actual Results: User is told their session exited immediately.
Following error in /var/log/messages:
gdm_slave_session_start: Execution of PreSession script returned > 0.
Expected Results: User should be able to log in with their unix name
put in wtmp.
Created attachment 107647 [details]
patch to daemon/slave.c
Thanks, I'll apply your patch soon.
This seems like a reasonable candidate for a RHEL3 update.
Marking MODIFIED while QA tests the fix for RHEL3-U5
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.