Red Hat Bugzilla – Bug 505384
gdm fails to allow local user login if NIS is not functioning correctly
Last modified: 2015-01-14 18:23:07 EST
Created attachment 347446 [details]
/var/log/message excerpt showing gdm stack trace
Description of problem:
Fedora 11 ships with an installer that allows NIS authentication to be selected, but if it is selected, the default firewall configuration blocks ypbind from functioning, thereby breaking login.
I've entered bug #505380 for this.
When the system is in this broken state, it is possible to login at the text consoles with the local root user, but attempting to login with root at the graphical login dialog fails, even though looking up root should not need to access NIS.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Install a system with Fedora 11 with NIS authentication active
2.Attempt to login to the graphical login window with local root account
The login fails. Logging in a text console with the same privileges succeeds.
Local logins should work at gdm the same way they work in text consoles in the face of misconfigured NIS / firewall active.
There is a stack trace present for gdm in /var/log/messages when this login failure occurs. See attached.
I have been told by another systems administrator here that root is deliberately disabled from logging into the graphical desktop by the configuration of /etc/pam.d/gdm and /etc/pam.d/xdm.
This is an unfortunate choice when using NIS authentication, because if NIS authentication is not working, there is no other local account besides root available to use.
It is certainly possible to work exclusively in text mode to figure things out, but having the web browser, etc., available for troubleshooting would be helpful.
As this appears to be a deliberate choice by Fedora, I'm closing this bug.