Bug 1814454 - Cannot login with usernames that contain a period
Summary: Cannot login with usernames that contain a period
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: systemd
Version: 32
Hardware: x86_64
OS: Linux
unspecified
urgent
Target Milestone: ---
Assignee: systemd-maint
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-03-17 23:16 UTC by Thomas Simmons
Modified: 2020-05-18 18:59 UTC (History)
8 users (show)

Fixed In Version: systemd-245.4-1.fc32
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-04-04 00:45:40 UTC
Type: Bug


Attachments (Terms of Use)

Description Thomas Simmons 2020-03-17 23:16:19 UTC
Description of problem:
After upgrade to Fedora 32 you cannot login with a username that contains a period. Research suggest other OS's have the same issue with this version of systemd. Example below.

https://bugs.gentoo.org/708824


Version-Release number of selected component (if applicable):
# yum info systemd
Last metadata expiration check: 0:18:39 ago on Tue 17 Mar 2020 06:51:11 PM EDT.
Installed Packages
Name         : systemd
Version      : 245~rc1
Release      : 4.fc32
Architecture : x86_64
Size         : 13 M
Source       : systemd-245~rc1-4.fc32.src.rpm

How reproducible:


Steps to Reproduce:
1. Create a username with a period
2. Attempt to login
3.

Actual results:

When login is attempted no error is displayed however you are not logged in and brought back to the login screen. This does not occur with users that do not have a period in the username.

Expected results:

Successful login.

Additional info:

/var/log/secure
Mar 17 18:58:10 focus-lnx gdm-password][4153]: pam_sss(gdm-password:auth): authentication success; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=a.user
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: unable to locate daemon control file
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: stashed password to try later in open session
Mar 17 18:58:10 focus-lnx gdm-password][4153]: pam_systemd(gdm-password:session): Failed to get user record: Invalid argument
Mar 17 18:58:10 focus-lnx gdm-password][4153]: pam_unix(gdm-password:session): session opened for user a.user by (uid=0)
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: unable to locate daemon control file
Mar 17 18:58:10 focus-lnx gdm-password][4153]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
Mar 17 18:58:13 focus-lnx gdm-password][4153]: pam_unix(gdm-password:session): session closed for user a.user
Mar 17 18:58:24 focus-lnx gdm-password][4283]: gkr-pam: unable to locate daemon control file

Comment 1 Fedora Update System 2020-04-01 23:33:17 UTC
FEDORA-2020-c4623add1f has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-c4623add1f

Comment 2 Fedora Update System 2020-04-02 02:17:17 UTC
FEDORA-2020-c4623add1f has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-c4623add1f`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-c4623add1f

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 3 Fedora Update System 2020-04-04 00:45:40 UTC
FEDORA-2020-c4623add1f has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 4 jesus 2020-05-18 18:59:39 UTC
Same problem here, after upgading from FC30. My enterprise login (kerberos) username does not have any dot in it.

Journalctl errors for AD domain users:

May 18 20:51:55 fos.madrid.medios.es audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=fprintd comm=“systemd” exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success’
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: pam_sss(gdm-password:auth): authentication success; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=sanmi@madrid.medios.es
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_AUTH pid=15258 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_succeed_if,pam_sss,pam_gnome_keyring acct=“sanmi@madrid.medios.es”>
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: unable to locate daemon control file
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: stashed password to try later in open session
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_ACCT pid=15258 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct=“sanmi@madrid.medios.es” exe="/usr/libexec/gdm-session-w>
May 18 20:51:58 fos.madrid.medios.es audit[15258]: CRED_ACQ pid=15258 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss,pam_gnome_keyring acct=“sanmi@madrid.medios.es” exe="/usr/libexec/gdm-s>
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: pam_systemd(gdm-password:session): Failed to get user record: Invalid argument
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: pam_unix(gdm-password:session): session opened for user sanmi@madrid.medios.es by (uid=0)
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: unable to locate daemon control file
May 18 20:51:58 fos.madrid.medios.es gdm-password][15258]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_START pid=15258 uid=0 auid=610201124 ses=13 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_keyinit,pam_namespace,pam_keyinit,pam_limits,pam_unix,>
May 18 20:51:58 fos.madrid.medios.es audit[15258]: USER_LOGIN pid=15258 uid=0 auid=610201124 ses=13 msg=‘uid=610201124 exe="/usr/libexec/gdm-session-worker" hostname=? addr=? terminal=? res=success’


Note You need to log in before you can comment on or make changes to this bug.