error in accountsservice/user.c fails to remove user from nopasswdlogin when mode is set to none

Bug #1302230 reported by Eric Chaskes
Affects: accountsservice (Ubuntu) | Status: Confirmed | Importance: Low | Assigned to: Unassigned | Milestone: (none)

Bug Description

                /* Remember to remove user from nopasswdlogin group if we're
                   switching away from no-password mode */
2683            if (user->password_mode == PASSWORD_MODE_NONE) {
                        argv[0] = "/usr/bin/gpasswd";
                        argv[1] = "-d";
                        argv[2] = user->user_name;
                        argv[3] = "nopasswdlogin";
                        argv[4] = NULL;

Line 2683 should be if (user->password_mode != PASSWORD_MODE_NONE) {

See related: https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1169054

Changed in accountsservice (Ubuntu):
status: New → Confirmed
information type: Private Security → Public Security
Sebastien Bacher (seb128) wrote :

Thank you for your bug report. I think the line is correct, "user->password_mode" is the old mode and "mode" the new mode, that check does "if changing from mode_none to something else, then"

Changed in accountsservice (Ubuntu):
importance: Undecided → Low
Eric Chaskes (echaskes) wrote :

Thank you for the reply. I agree that the line is in fact correct. I see I mistakenly thought the mode had already changed, but that is not done until after exiting the current block.

But here is how the bug is working:

Setting the mode to none causes the user to be added to the nopasswdlogin group.

Adding a password (user_change_password_authorized_cb) includes code to remove the user from the nopasswdlogin group.

But if mode has already been set to none when the user is locked, the user will not be removed from the nopasswdlogin group.

This is confirmed in /var/log/auth.log.

Locking the account in user_change_locked_authorized_cb (line 2435) should -- but does not -- check the mode.

If the current mode is none, it needs to change the mode to something else, which in turn will remove the user from nopasswdlogin.
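As an added illustration (not accountsservice's code, and not part of this bug report), the following C model replays the state transitions the two comments above describe: the mode-change check compares the old mode in the user object against the new mode being requested, a password change always leaves nopasswdlogin, and locking an account in no-password mode leaves the user in the group unless the lock path first changes the mode. The struct fields, helper names and the PASSWORD_MODE_REGULAR / PASSWORD_MODE_SET_AT_LOGIN names are assumptions; only PASSWORD_MODE_NONE and the group name come from the report.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified stand-in for the accountsservice User object
 * discussed in this bug (not the project's code); only the relevant fields. */
typedef enum {
    PASSWORD_MODE_REGULAR,      /* assumed name */
    PASSWORD_MODE_SET_AT_LOGIN, /* assumed name */
    PASSWORD_MODE_NONE          /* named in the report */
} PasswordMode;

typedef struct {
    char user_name[32];
    PasswordMode password_mode;
    bool locked;
    bool in_nopasswdlogin;  /* stands in for membership of the nopasswdlogin group */
} User;

void user_init(User *u, const char *name)
{
    memset(u, 0, sizeof *u);
    strncpy(u->user_name, name, sizeof u->user_name - 1);
    u->password_mode = PASSWORD_MODE_REGULAR;
}

/* Models the group handling around the line quoted in the report:
 * u->password_mode is the OLD mode and 'mode' the NEW one, so the first check
 * fires when leaving no-password mode (gpasswd -d), and entering no-password
 * mode adds the group (gpasswd -a). The stored mode changes only afterwards. */
void set_password_mode(User *u, PasswordMode mode)
{
    if (u->password_mode == PASSWORD_MODE_NONE && mode != PASSWORD_MODE_NONE)
        u->in_nopasswdlogin = false;
    if (mode == PASSWORD_MODE_NONE)
        u->in_nopasswdlogin = true;
    u->password_mode = mode;
}

/* Models user_change_password_authorized_cb: setting a password drops the
 * user from nopasswdlogin and returns to regular mode. */
void change_password(User *u)
{
    u->in_nopasswdlogin = false;
    u->password_mode = PASSWORD_MODE_REGULAR;
}

/* Reported behaviour of user_change_locked_authorized_cb: the lock flag is
 * flipped without looking at the password mode. */
void set_locked_buggy(User *u, bool locked)
{
    u->locked = locked;
}

/* The change the report asks for: when locking an account that is in
 * no-password mode, leave that mode first, which removes the group. */
void set_locked_fixed(User *u, bool locked)
{
    if (locked && u->password_mode == PASSWORD_MODE_NONE)
        set_password_mode(u, PASSWORD_MODE_REGULAR);
    u->locked = locked;
}

/* Invariant an administrator can audit against /etc/group and the lock
 * status in /etc/shadow: a locked account must never stay in nopasswdlogin. */
bool lock_state_consistent(const User *u)
{
    return !(u->locked && u->in_nopasswdlogin);
}

/* Replays the sequence from the report with the given lock routine and
 * returns whether the resulting state satisfies the invariant. */
bool lock_after_mode_none(void (*lock_fn)(User *, bool))
{
    User u;
    user_init(&u, "example");                   /* constructed sample user */
    set_password_mode(&u, PASSWORD_MODE_NONE);  /* user joins nopasswdlogin */
    lock_fn(&u, true);                          /* account is then locked */
    return lock_state_consistent(&u);
}

int main(void)
{
    printf("buggy lock path consistent: %s\n",
           lock_after_mode_none(set_locked_buggy) ? "yes" : "no");
    printf("fixed lock path consistent: %s\n",
           lock_after_mode_none(set_locked_fixed) ? "yes" : "no");
    return 0;
}
```

The `lock_state_consistent` check is the condition worth verifying on a real system after locking an account that had been in no-password mode: the user should no longer appear in the nopasswdlogin line of /etc/group, which is the same thing the reporter confirmed from the gpasswd entries in /var/log/auth.log.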
