Red Hat Bugzilla – Bug 1539106
gdm autologin does not set /etc/environment variables anymore (regression)
Last modified: 2018-05-17 10:39:45 EDT
Description of problem:
Since the update to RHEL 7.4 (from 7.3), the environment variables from /etc/environment are not set by gdm anymore, if autologin is enabled (AutomaticLoginEnable=true).
This did work before the update, so it seems to be a regression. In fact it seems that the considerable changes in /etc/pam.d/gdm-autologin seem to be the cause.
Notice: adding the following line solves the problem:
auth required pam_env.so
But I'm not sure whether this is the right fix ...
Version-Release number of selected component (if applicable): gdm-3.22.3-12.el7.x86_64
How reproducible: always
Steps to Reproduce:
1. echo "TESTVAR=myval" > /etc/environment
2. killall gdm
3. login as "localuser", open terminal, check environment: TESTVAR is set
4. Now enable gdm autologin: in /etc/gdm/custom.conf, add these settings in the [daemon] block:
5. killall gdm
6. gdm automatically logins as "myuser", open terminal, check environment
TESTVAR is not set in environment
TESTVAR is set to "myval" in environment
This did work in RHEL 6.x and 7.3.
i believe your fix is correct. at some point upstream systemd started taking over the role of pam_env, so it got dropped from the pam service file. downstream, we still depend on pam_env so need to reintroduce it.
OK. I'll (temporarily) add pam_env.so to gdm-autologin. I'm curious how the final fix is gonna look like ... the pam.d/gdm-autologin changes since 7.3 are a little hard to understand: pam_gdm.so is only used there (and not documented), "auth include postlogin" is not included anymore (for whatever reason?).
Created attachment 1388505 [details]
Repair autologin PAM configuration following rebase.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.