pam_ldap and gdm have issues
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gdm (Ubuntu) |
Invalid
|
Medium
|
Ubuntu Desktop Bugs |
Bug Description
Binary package hint: gdm
A client of mine has a network with a Debian Sarge server and a few Ubuntu Dapper clients. The Sarge server runs slapd, and I've set up the clients to use pam_ldap.so and libnss-ldap.so to keep usernames centrally located. Also, /home is now NFS-mounted on the server. The pam_ldap stuff is configured through the common-* files in /etc/pam.d
When I log in on a getty, everything works; no sweat. So my PAM configuration seems to be okay.
When I log in through GDM, it accepts my username and password, but then just sits there, doing totally nothing. The password entry is greyed out, but instead of having gdmgreeter disappear and having the gnome session start, nothing happens.
I've tried enabling the debug option through gdm.conf, but then the bug disappears -- at least for the time being.
When I log in, 'ps aux --forest' shows me that _after entering username and password_, the initial gdm has three child processes: another gdm (forked off for handling the X server, probably), which has the X server and the gdmgreeter processes as children.
Running strace on that second gdm shows:
select(1024, [3], [], NULL, NULL
which never exits. File handle 3 is a socket; if I start strace before entering the username and the password, I see that the last syscall is a write() to that same file handle; by the looks of it, this would be the socket that communicates with the LDAP server. I believe (by looking at what is going over the wire with a sniffer) that it has already received an answer at this point, but I am not 100% sure.
To me, this looks like a race condition in one of pam_ldap.so, libnss-ldap.so, or gdm. Since it only occurs with gdm, however, I'm filing this against gdm.
I'm willing to provide the sniff and perhaps some more detailed strace information, but not through a public web interface -- some of these files contain some sensitive passwords in cleartext...
It looks like a NFS problem.
When you log on getty, are you sure you have a home directory ? Do you have nfs-common installed ?