Light Display Manager

lightdm doesn't let pam_mkhomedir execute

Bug #1318778 reported by musicalvegan0 on 2014-05-12

This bug affects 5 people

Affects		Status	Importance	Assigned to	Milestone
	Light Display Manager	New	Undecided	Unassigned
	lightdm (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Affects:
14.04 LTS
lightdm 1.10.0-0ubuntu3

When graphically logging in with a new user without a home directory, lightdm/xdg/freedesktop creates a home directory based on settings in /etc/xdg before PAM session configs are processed. This makes pam_mkhomedir completely useless for graphical logins of first-time users. It also creates inconsistencies between graphical and console logins as the console still processes mkhomedir. Thus, two new users would have differing home directories if one initially logged in graphically vs intially logged in via a console.

This bug does not exist in 12.04 LTS.

How to reproduce:
1. Create a new user, ensuring the user has no home directory.
2. Configure pam with pam_mkhomedir to create a home directory by copying files from some skeleton directory.
3. Login via lightdm with the new user.
4. Verify that none of the files from the skeleton are actually in the new user's home directory.

What is expected to happen is that pam_mkhomedir is always processed before any other home directory files are created, enabling administrators to dictate the home directory contents for new users using the traditional method of pam_mkhomedir + /etc/skel.

Tags:

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-05-13:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in lightdm (Ubuntu):
status:	New → Confirmed

Revision history for this message

Philippe Jeanne (ph-jeanne-k) wrote on 2014-05-13:

I confirm that the skeleton directory is not used, and that ssh users and graphic users dont have the same home directory.

The rights applied on the home directories (755, umask 022) are dangerous : all users can read all the homes created in graphic mode.

PhJ

Revision history for this message

Moritz Dafelmair (moritz-dafelmair) wrote on 2016-04-20:

I've tried to reproduce this bug with a current Ubuntu Xenial, by adding:

session required pam_mkhomedir.so skel=/etc/skel/ umask=0022

to /etc/pam.d/common-account and creating a new user without home directory with adduser --no-create-home afterwards. I also added a file to /etc/skel. After I logged on into the new user the first time, the file I added in /etc/skel was present in the home directory.

Seems that a fix was released in a newer version. Since trusty still uses version 1.10.0-0ubuntu3 [1], xenial uses 1.18.1-0ubuntu1 [2].

[1] http://packages.ubuntu.com/trusty/lightdm
[2] http://packages.ubuntu.com/xenial/lightdm

Moritz Dafelmair (moritz-dafelmair) on 2016-04-27

tags:

added: amd64 trusty

Moritz Dafelmair (moritz-dafelmair) on 2016-06-02

Changed in lightdm (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.