Bug 141380 - gdm passes user input to sessreg, rather than pwent
Summary: gdm passes user input to sessreg, rather than pwent
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: gdm
Version: 3.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Ray Strode [halfline]
QA Contact: Mike McLean
URL: https://listman.redhat.com/archives/k...
Whiteboard:
Depends On:
Blocks: 132991
TreeView+ depends on / blocked
 
Reported: 2004-11-30 20:08 UTC by Mike Patnode
Modified: 2007-11-30 22:07 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-05-20 03:25:47 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
patch to daemon/slave.c (1.46 KB, patch)
2004-11-30 20:09 UTC, Mike Patnode
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2005:086 0 normal SHIPPED_LIVE gdm bug fix update 2005-05-19 04:00:00 UTC

Description Mike Patnode 2004-11-30 20:08:08 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; 
Maxthon; .NET CLR 1.1.4322)

Description of problem:
Many pam/nss modules (IE: winbind, ldap, etc..) allow the user to 
enter a non-Unix username at the login prompt. IE: domain+user, 
user@domain, domain\\user, etc...   Since gdm passes exactly what was 
typed to sessreg, it will often fail, or worse, create non-sensical 
wtmp entries.

All such pam modules will map the non-standard name to a standard one 
and either find or generate a correct password entry structure.

A simple change to gdm to pass the username from the pwent rather 
than what the user typed in.   The pwent name should also be used for 
environment variables as well.

Version-Release number of selected component (if applicable):
gdm-2.4.1.6-5

How reproducible:
Always

Steps to Reproduce:
1. Configure windbind, log in using the Windows username including a 
space or some other non-unix friendly character.

    

Actual Results:  User is told their session exited immediately.  
Following error in /var/log/messages:

gdm_slave_session_start: Execution of PreSession script returned > 0. 
Aborting.


Expected Results:  User should be able to log in with their unix name 
put in wtmp.

Additional info:

Patch attached...

Comment 1 Mike Patnode 2004-11-30 20:09:12 UTC
Created attachment 107647 [details]
patch to daemon/slave.c

Comment 2 Ray Strode [halfline] 2004-12-01 16:10:12 UTC
Thanks, I'll apply your patch soon.

Comment 3 Ray Strode [halfline] 2004-12-01 16:42:04 UTC
This seems like a reasonable candidate for a RHEL3 update.

Comment 4 Ray Strode [halfline] 2005-01-27 00:37:35 UTC
Marking MODIFIED while QA tests the fix for RHEL3-U5

Comment 5 Dennis Gregorovic 2005-05-20 03:25:47 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-086.html



Note You need to log in before you can comment on or make changes to this bug.