Bug 183351 - usermode fails when adapting configuration and if homedirectories are on NFS server
usermode fails when adapting configuration and if homedirectories are on NFS ...
Product: Fedora
Classification: Fedora
Component: usermode (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Martin Bacovsky
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2006-02-28 10:56 EST by Armijn Hemel
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-02-13 16:50:17 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Armijn Hemel 2006-02-28 10:56:32 EST
Description of problem:

Adapting usermode doesn't work nicely if users' home directories are stored
on an NFS server and uid/gid 0 is mapped to the anonymous user on the NFS server.

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:
1. Install an NFS server, map root to the anonymous user
2. Adapt the configuration for any program (like ethereal) and change the user
to authenticate from USER=root to USER=<user>
3. launch the program
Actual results:

The program will be denied access to the X server

Expected results:

Not sure. I wanted the program to run, but it's probably not easy to fix this
(see below).

Additional info:

The reason this happens is because in the process the pam_xauth.so module tries
to merge the .Xauthority file with xauth. Because on the NFS server root is
mapped to the anonymous user it cannot always access the user's
$HOME/.Xauthority file (if the homedir is chmod 700 for example). pam_xauth.so
tries to merge the .Xauthority file from the user it authenticates.

I don't know if this is already fixed in FC4 or any of the FC5 releases or that
this should be assigned to pam instead.
Comment 1 Matthew Miller 2006-07-10 17:49:51 EDT
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!
Comment 2 Armijn Hemel 2007-02-13 16:50:17 EST
I no longer have access to those machines since I left university.

Note You need to log in before you can comment on or make changes to this bug.