RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Description of problem:

Since the update to RHEL 7.4 (from 7.3), the environment variables from /etc/environment are not set by gdm anymore, if autologin is enabled (AutomaticLoginEnable=true).

This did work before the update, so it seems to be a regression.  In fact it seems that the considerable changes in /etc/pam.d/gdm-autologin seem to be the cause.

Notice: adding the following line solves the problem:

auth       required    pam_env.so

But I'm not sure whether this is the right fix ...

Version-Release number of selected component (if applicable): gdm-3.22.3-12.el7.x86_64


How reproducible: always


Steps to Reproduce:

1. echo "TESTVAR=myval" > /etc/environment
2. killall gdm
3. login as "localuser", open terminal, check environment: TESTVAR is set

4. Now enable gdm autologin: in /etc/gdm/custom.conf, add these settings in the [daemon] block:

AutomaticLoginEnable=true
AutomaticLogin=localuser

5. killall gdm
6. gdm automatically logins as "myuser", open terminal, check environment

Actual results:

TESTVAR is not set in environment

Expected results:

TESTVAR is set to "myval" in environment


Additional info:
This did work in RHEL 6.x and 7.3.

i believe your fix is correct.  at some point upstream systemd started taking over the role of pam_env, so it got dropped from the pam service file.  downstream, we still depend on pam_env so need to reintroduce it.

OK.  I'll (temporarily) add pam_env.so to gdm-autologin.  I'm curious how the final fix is gonna look like ... the pam.d/gdm-autologin changes since 7.3 are a little hard to understand: pam_gdm.so is only used there (and not documented), "auth include postlogin" is not included anymore (for whatever reason?).

Created attachment 1388505 [details]
Repair autologin PAM configuration following rebase.

Resolves: #1539106

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0770