Description of problem: During the gnome-initial-setup phase, if you choose to "set up enterprise login" to set up an active directory user, your domain user doesn't get added to the wheel group. So you can't sudo and you can't su because the option to choose the root account's password during install was removed. Version-Release number of selected component (if applicable): 28 How reproducible: always Steps to Reproduce: 1. Install Fedora 28 2. Navigate the gnome-initial-setup screens up to the account creation phase 3. Click on "Set Up Enterprise Login" 4. Fill in the active directory domain and your ad user and password 5. Fill in the hostname, the active directory administrator's name and password 6. Login with your domain user and password 7. Open a terminal, try to sudo Actual results: You can't sudo because your user isn't in the wheel group. You can't su because the root account is disabled. pkexec asks for "Administrator" password; I tried the domain Administrator's password, my user's password and no password. Nothing worked. Expected results: Have a way to perform administrative tasks, either by enabling the root account or by having the user in the wheel group Additional info: The files in /etc/skel weren't copied to the domain user's home; Two directories were created in /home: /home/aduser and /home/aduser@addomain; Both directories have the same owner and group;
Workaround: Open a shell in initrd, mount /sysroot as read-write and edit /sysroot/etc/group Steps: 1. Reboot 2. In grub press "e" to edit the menu entry 3. Search for a line that starts either with linux16 or linuxefi and append the string " rd.break" 4. Press ctrl+x 5. Mount the /sysroot as read-write: mount -oremount,rw /sysroot 6. Open /sysroot/etc/group in a text editor 7. search for the line "wheel:x:10:" and append your user 8. You may run into selinux issues, so either set it to permissive (edit /sysroot/etc/selinux/config) or touch /sysroot/.autorelabel 9. reboot again 10. If in step 8 you set selinux to permissive, restorecon /etc/group and reset selinux back to enforcing and reboot again.
The same for Fedora 29
This message is a reminder that Fedora 28 is nearing its end of life. On 2019-May-28 Fedora will stop maintaining and issuing updates for Fedora 28. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '28'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 28 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 28 changed to end-of-life (EOL) status on 2019-05-28. Fedora 28 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
João, since this is an upstream bug and the desired fix is not immediately clear, would you mind reporting it at https://gitlab.gnome.org/GNOME/gnome-initial-setup/issues?
I've experienced this myself on a fresh Fedora 30 install today. I've reported this under https://gitlab.gnome.org/GNOME/gnome-initial-setup/issues/80
This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to '31'.
This message is a reminder that Fedora 31 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 31 on 2020-11-24. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '31'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 31 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.
Fedora 31 changed to end-of-life (EOL) status on 2020-11-24. Fedora 31 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed.
This is still happening in Fedora 34. The user I used for enterprise login is not added to sudoers, and when I try to do any administrative task, I'm asked for the "Administrator" password. Even using the domain admin password, it does not allow me to do any privileged task. Tried also to login as the domain admin via "su" using the correct password. [pepe@fedora ~]$ su - Administrator Password: su: Permission denied This one was using a wrong password [pepe@fedora ~]$ su - Administrator Password: su: Authentication failure Tried to do a sudo [pepe@fedora ~]$ sudo bash [sudo] password for pepe: Your password will expire in 1 day(s). pepe is not in the sudoers file. This incident will be reported.
This is an upstream bug: https://gitlab.gnome.org/GNOME/gnome-initial-setup/-/issues/80 If you use enterprise login and want to help fix it, please comment there. Otherwise it's not going to be fixed....