Bug 505384 - gdm fails to allow local user login if NIS is not functioning correctly
gdm fails to allow local user login if NIS is not functioning correctly
Product: Fedora
Classification: Fedora
Component: gdm (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: jmccann
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-06-11 13:46 EDT by Jonathan Abbey
Modified: 2015-01-14 18:23 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-06-11 14:21:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
/var/log/message excerpt showing gdm stack trace (12.57 KB, text/plain)
2009-06-11 13:46 EDT, Jonathan Abbey
no flags Details

  None (edit)
Description Jonathan Abbey 2009-06-11 13:46:08 EDT
Created attachment 347446 [details]
/var/log/message excerpt showing gdm stack trace

Description of problem:

Fedora 11 ships with an installer that allows NIS authentication to be selected, but if it is selected, the default firewall configuration blocks ypbind from functioning, thereby breaking login.

I've entered bug #505380 for this.

When the system is in this broken state, it is possible to login at the text consoles with the local root user, but attempting to login with root at the graphical login dialog fails, even though looking up root should not need to access NIS.

Version-Release number of selected component (if applicable):

How reproducible:


Steps to Reproduce:
1.Install a system with Fedora 11 with NIS authentication active
2.Attempt to login to the graphical login window with local root account
Actual results:

The login fails.  Logging in a text console with the same privileges succeeds.

Expected results:

Local logins should work at gdm the same way they work in text consoles in the face of misconfigured NIS / firewall active.

Additional info:

There is a stack trace present for gdm in /var/log/messages when this login failure occurs.  See attached.
Comment 1 Jonathan Abbey 2009-06-11 14:21:09 EDT
I have been told by another systems administrator here that root is deliberately disabled from logging into the graphical desktop by the configuration of /etc/pam.d/gdm and /etc/pam.d/xdm.

This is an unfortunate choice when using NIS authentication, because if NIS authentication is not working, there is no other local account besides root available to use.

It is certainly possible to work exclusively in text mode to figure things out, but having the web browser, etc., available for troubleshooting would be helpful.

As this appears to be a deliberate choice by Fedora, I'm closing this bug.

Note You need to log in before you can comment on or make changes to this bug.