Removing a user's password effectively locks them out of admin privileges
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gnome-control-center (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Steps to reproduce this bug:
- Log in with a user who has admin privileges
- Open User Accounts from System Settings
- Click "Unlock" and authenticate yourself
- Click on the "Password" field.
- Set "Action" to "Log in without a password"
- Click on "Change"
(Same steps with screenshots can be found in this answer: http://
This successfully sets the user's password to empty. However, it does not ensure that sudoers includes a NOPASSWD directive, so the user now can longer use sudo, gksu, pkexec or PolicyKit to authenticate themself to gain admin rights.
What I expected to happen:
This functionality should be disabled for users with admin rights, or the sudoers file should be modified as appropriate, and PolicyKit made to work for users without a password.
ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: gnome-control-
ProcVersionSign
Uname: Linux 3.5.0-26-generic i686
ApportVersion: 2.6.1-0ubuntu10
Architecture: i386
Date: Sat Apr 13 20:59:29 2013
MarkForUpload: True
SourcePackage: gnome-control-
UpgradeStatus: Upgraded to quantal on 2012-10-18 (176 days ago)
usr_lib_
activity-
deja-dup 24.0-0ubuntu2
gnome-
indicator-datetime 12.10.2-0ubuntu3.1