This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 439835 - gdm login list includes accounts that shouldn't be able to login
gdm login list includes accounts that shouldn't be able to login
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: gdm (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: jmccann
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F9Target
  Show dependency treegraph
 
Reported: 2008-03-31 13:09 EDT by Bruno Wolff III
Modified: 2015-01-14 18:20 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-03-31 23:40:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Bruno Wolff III 2008-03-31 13:09:33 EDT
Description of problem:
For a while (during the F9 rawhide period) gdm only listed accounts that had
logged in and 'other'. Now it seems to be listing lots of accounts even those
with a shell of /sbin/nologin which seems wrong. I am not sure of the intention,
but I would expect that accounts with shells of /sbin/nologin would not be
included in the list. (Probably any account with a shell not in /etc/shells
should also be excluded.)

Version-Release number of selected component (if applicable):
gdm-2.21.10-0.2008.03.26.3.fc9.i386

How reproducible:
100%

Steps to Reproduce:
1.Add some accounts with a shell of /sbin/nologin
2.Logout at the console with X running and wait for gdm to start
3.
  
Actual results:
Long list of accounts that aren't allowed to login.

Expected results:
Only mt account and 'other' expected to be in the list.

Additional info:
I am not seeing all of the accounts on the system listed, so I am guessing it
may be doing some filtering based on uid. I don't think that is appropiate
(except maybe for uid 0) as they are arbitrary and aren't necessarily correlated
to which accounts can login.
Comment 1 jmccann 2008-03-31 23:40:38 EDT
Well, we already exclude all users with shells not in /etc/shells.  The problem
is that /sbin/nologin is in /etc/shells.  So, I've patched upstream to
explicitly exclude users with /sbin/nologin and /bin/false as shells.
Comment 2 Bruno Wolff III 2008-04-01 06:38:59 EDT
Thanks! That solution sounds great and will definitely take care of my problem.

Note You need to log in before you can comment on or make changes to this bug.