GDM allows root logins

Bug #484317 reported by Iain Buclaw
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
gdm (Ubuntu) | Triaged | Medium | Unassigned |
Declined for Lucid by Sebastien Bacher
Declined for Maverick by Sebastien Bacher

Bug Description

Binary package hint: gdm

Steps to reproduce:

1) Create a password for root
2) Logout
3) Login as root

Now, previous versions of Ubuntu prevented a graphical root login in GDM, and I see no reason why this should differ in the new versions.

There has always been a strict setup against graphical root logins, and it seems strange they are now but trivial.

ProblemType: Bug
Architecture: i386
CheckboxSubmission: d6517d529af25e3238a6fedb0ace8960
CheckboxSystem: 669b662da410063cc918e0f60cf6cddf
Date: Tue Nov 17 17:05:36 2009
DistroRelease: Ubuntu 9.10
InstallationMedia: Ubuntu-Netbook-Remix 9.10 "Karmic Koala" - Release i386 (20091028.4)
Package: gdm 2.28.1-0ubuntu1 [modified: usr/lib/gdm/gdm-crash-logger usr/lib/gdm/gdm-simple-slave usr/lib/gdm/gdm-factory-slave usr/lib/gdm/gdm-product-slave usr/lib/gdm/gdm-xdmcp-chooser-slave usr/lib/gdm/gdm-session-worker usr/lib/gdm/gdm-simple-chooser usr/lib/gdm/gdm-host-chooser usr/lib/gdm/gdm-simple-greeter usr/lib/gdm/gdm-user-switch-applet usr/sbin/gdm-binary usr/bin/gdmsetup usr/bin/gdmflexiserver usr/bin/gdm-screenshot]
ProcEnviron:
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-14.48-generic
SourcePackage: gdm
Tags: ubuntu-unr
Uname: Linux 2.6.31-14-generic i686
XsessionErrors:
 (gnome-settings-daemon:7617): GLib-CRITICAL **: g_propagate_error: assertion `src != NULL' failed
 (gnome-settings-daemon:7617): GLib-CRITICAL **: g_propagate_error: assertion `src != NULL' failed
 (nautilus:7650): Eel-CRITICAL **: eel_preferences_get_boolean: assertion `preferences_is_initialized ()' failed
 (polkit-gnome-authentication-agent-1:7701): GLib-CRITICAL **: g_once_init_leave: assertion `initialization_value != 0' failed

Iain Buclaw (iainb) wrote :

Thankfully, the fix is trivial too:

Add the following to /etc/pam.d/gdm
auth required pam_succeed_if.so user != root quiet

Patch for the debian build attached.

Regards
Iain

WeatherGod (ben-v-root) wrote :

Iain, I have attempted to reproduce this on Karmic Koala using UNR, but root logins through gdm still result in authentication failure for me. How exactly did you set the password for the root account?

Changed in gdm (Ubuntu):
status: New → Incomplete
Connor Imes (ckimes) wrote :

I am able to reproduce this on a Lucid box using "sudo passwd root" to enable the root account. I haven't heard that Ubuntu was going to allow root logins through gdm even if the account is enabled, so I believe this is a bug.
Thanks for your report, Iain.

Changed in gdm (Ubuntu):
importance: Undecided → Medium
status: Incomplete → Triaged
Iain Buclaw (iainb) wrote :

Just running "sudo passwd" is enough to set the password.

Actually, after having a sleep on it, would it be useful just to deny UIDs < 1000 and the 'nobody' user?

ie:

auth required pam_succeed_if.so uid >= 1000 quiet
auth required pam_succeed_if.so user != nobody quiet

This, I think, will restore the original behaviour.

Regards
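
Added example (not part of the original comment or of gdm): a small Python model of the pam_succeed_if lines proposed in this thread, run against constructed passwd entries, showing which accounts each rule set rejects and why the separate 'nobody' rule is needed alongside the UID floor. It assumes the condition directly follows the module name, as in the lines above, and it models only these rules, not the rest of the PAM stack.

```python
import operator

# Constructed sample accounts in passwd format (not taken from the bug report).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
gdm:x:112:119:Gnome Display Manager:/var/lib/gdm:/bin/false
alice:x:1000:1000:Alice,,,:/home/alice:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
"""

# Rule sets as proposed in the comments above for /etc/pam.d/gdm.
RULES_ROOT_ONLY = "auth required pam_succeed_if.so user != root quiet\n"
RULES_UID_FLOOR = (
    "auth required pam_succeed_if.so uid >= 1000 quiet\n"
    "auth required pam_succeed_if.so user != nobody quiet\n"
)

# pam_succeed_if uses numeric operators for uid and string operators for user.
OPS = {
    "uid": {"<": operator.lt, "<=": operator.le, "eq": operator.eq,
            ">=": operator.ge, ">": operator.gt, "ne": operator.ne},
    "user": {"=": operator.eq, "!=": operator.ne},
}

def parse_rules(pam_text):
    """Return (field, op, value) for each required pam_succeed_if auth line."""
    rules = []
    for line in pam_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if (len(parts) >= 6 and parts[0] == "auth"
                and parts[1] in ("required", "requisite")
                and parts[2] == "pam_succeed_if.so"):
            rules.append(tuple(parts[3:6]))
    return rules

def allowed_accounts(passwd_text, pam_text):
    """Names of accounts that none of the parsed rules reject."""
    rules = parse_rules(pam_text)
    allowed = []
    for entry in filter(str.strip, passwd_text.splitlines()):
        name, _pw, uid = entry.split(":")[:3]
        subject = {"user": name, "uid": int(uid)}
        if all(OPS[f][op](subject[f], int(v) if f == "uid" else v)
               for f, op, v in rules):
            allowed.append(name)
    return allowed

if __name__ == "__main__":
    print("root-only rule:", allowed_accounts(SAMPLE_PASSWD, RULES_ROOT_ONLY))
    print("uid floor rules:", allowed_accounts(SAMPLE_PASSWD, RULES_UID_FLOOR))
```
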

Kees Cook (kees) wrote :

Even when a root password was set, gdm (Jaunty and prior) would not allow root to log in:
"The system administrator is not allowed to login from this screen"

This behavior should be restored, but not via pam stack manipulations, as it would lack the gdm-greeter feedback above.

Iain Buclaw (iainb) wrote :

@Kees, I agree.

This patch attached should do just that.

It's a slight modification of another part of the gdm code that disallows the showing of system users in the selection screen. Copied it into the do_accredit stage of the user authorisation, tested and it works as expected.

Just putting it in the debian/patches folder will apply it to the build.

Regards
Iain

Iain Buclaw (iainb) wrote :

And imported all the relevant translations from gdm-2.20 into gdm-2.28 (using a perl script to grab+insert into files, so there may be errors, although I'm confident there aren't).

If anyone has any comments, they are greatly appreciated, as I'm learning here as much as I am contributing.

Regards
Iain

Iain Buclaw (iainb) wrote :

And with regards to bug #459199, updated to match system uid configuration.

Also, renamed it to "disallow_invalid_login" to better describe what it does.

Regards
Iain

Iain Buclaw (iainb) wrote :

Can someone confirm if this bug is still the case in Lucid? If not, I'll have a prep machine in a few days.

Also, if anyone has any direction on where this is heading, please let me know also. Specifically, does this need patching? Or should the wiki be updated to reflect the new behaviour of GDM?

Regards

tags: added: patch
tags: added: ubuntu
removed: apport-bug i386
Lenin (gagarin) wrote :

I'm glad it does; Ctrl-Alt-F1 doesn't seem to work anymore, sometimes.

Jonathan Reed (jdreed) wrote :

In response to #11, I confirm the bug is still present in Lucid.

jdreed@adjective-animal:~$ apt-cache policy gdm
gdm:
  Installed: 2.30.2.is.2.30.0-0ubuntu3
  Candidate: 2.30.2.is.2.30.0-0ubuntu3
  Version table:
 *** 2.30.2.is.2.30.0-0ubuntu3 0
        500 http://ubuntu.media.mit.edu/ubuntu/ lucid-updates/main Packages
        100 /var/lib/dpkg/status
     2.30.0-0ubuntu5 0
        500 http://ubuntu.media.mit.edu/ubuntu/ lucid/main Packages

Twisted Lincoln, Inc. (twistedlincoln) wrote :

This behavior should be configurable, rather than forced. While I agree that the default should be to forbid a root login with GDM, one should be able to enable such functionality if they so choose.

Olivier Mengué (dolmen) wrote :

This bug is marked "Declined for Maverick by Sebastien Bacher". Can we have an explanation? Is it an Ubuntu policy change regarding root login?
