lightdm login fails with NFS home and strict (mode 0700) permissions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Light Display Manager |
Fix Released
|
Medium
|
Unassigned | ||
lightdm (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Oneiric |
Fix Released
|
Medium
|
Robert Ancell |
Bug Description
Lightdm appears not to be able to log in a user if all of the following are true:
1. They've got an NFS-mounted home directory
2. NFS is configured in the usual manner; ie, root privileges do not allow access to arbitrary remote files
3. The user's home directory permissions are such that "other" cannot access the directory (ie, mode 0700)
In this situation, the password is accepted and the screen clears. Rather than bringing up the desktop as expected, a couple of seconds pass and we're returned to the lightdm screen. This yielded a message in one of the /var/log/lightdm logs which I've just discovered was overwritten by subsequent successful logins. I'll recreate this and update the bug tonight.
Workaround was to chmod the user's homedir to 0711 which allowed lightdm to work properly.
Release is Ubuntu 11.10 with all updates as of 17 Oct 2011 at roughly 10pm EDT. Lightdm package is 1.0.1-0ubuntu6.
Related branches
- Ubuntu Development Team: Pending requested
-
Diff: 70 lines (+42/-0)4 files modified.bzrignore (+1/-0)
debian/changelog (+9/-0)
debian/patches/07_fix_877766.patch (+31/-0)
debian/patches/series (+1/-0)
summary: |
- lightdm login fails with NFS home + lightdm login fails with NFS home and strict (mode 0700) permissions |
Changed in lightdm: | |
status: | Confirmed → Triaged |
importance: | Undecided → Medium |
Changed in lightdm: | |
status: | Fix Committed → Fix Released |
tags: |
added: verification-done removed: verification-needed |
I have the same problem: logging in as a user with NFS home directory fails
permissions on users home directories: rwx------ (default as created by useradd)
NFS (v3) filesystem is not exported with root permission for client machine (i.e. no 'no_root_squash' option)
User enters username and password on login screen and then screen goes black and login window reappears.
Giving root access on the users home directory allows logins to work:
chmod o+x <user home directory>
or if ACLs enabled for the filesystem:
setfacl -m user:65534:x <user home directory>
without changes /var/log/ lightdm/ lightdm. log shows:
[+16.20s] WARNING: Failed to change to home directory /npdisks/home/jb: Permission denied
relevant lines in lightdm.log: lightdm/ .Xauthority session( 0xc5a840) -> 0 (Success) 0xc5a840, PAM_DELETE_CRED) -> 0 (Success) 23bfe54c9000002 9c-1319111371. 735096- 2139365219 home/jb/ .dmrc home/jb/ .xsession- errors item(0xc6a9f0, 3, ":0") -> 0 (Success) session( 0xc6a9f0, 0) -> 0 (Success) 23bfe54c9000002 9c-1319111387. 433106- 1241632904 home/jb/ .Xauthority lightdm- session 'gnome-session --session=ubuntu' p/DisplayManage r/Session0 session( 0xc6a9f0) -> 0 (Success) 0xc6a9f0, PAM_DELETE_CRED) -> 0 (Success) 23bfe54c9000002 9c-1319111387. 433106- 1241632904
[+15.91s] DEBUG: Authenticate result for user jb: Success
[+15.91s] DEBUG: User jb authorized
[+15.91s] DEBUG: Wrote 24 bytes to greeter
[+15.95s] DEBUG: Read 8 bytes from greeter
[+15.95s] DEBUG: Read 10 bytes from greeter
[+15.95s] DEBUG: Greeter requests session ubuntu
[+15.95s] DEBUG: Stopping greeter
[+15.95s] DEBUG: Dropping privileges to uid 106
[+15.95s] DEBUG: Removing session authority from /var/lib/
[+15.99s] DEBUG: Restoring privileges
[+15.99s] DEBUG: Sending signal 15 to process 7053
[+16.00s] DEBUG: Process 7053 exited with return value 0
[+16.00s] DEBUG: pam_close_
[+16.00s] DEBUG: pam_setcred(
[+16.00s] DEBUG: pam_end(0xc5a840) -> 0
[+16.00s] DEBUG: Ending ConsoleKit session 137061b491bb03a
[+16.09s] DEBUG: Greeter quit
[+16.09s] DEBUG: Starting user session
[+16.11s] DEBUG: Dropping privileges to uid 6057
[+16.11s] DEBUG: Writing /npdisks/
[+16.11s] DEBUG: Restoring privileges
[+16.15s] DEBUG: Starting session ubuntu as user logging to /npdisks/
[+16.15s] DEBUG: Launching session
[+16.15s] DEBUG: pam_set_
[+16.16s] DEBUG: pam_open_
[+16.19s] DEBUG: Opened ConsoleKit session 137061b491bb03a
[+16.19s] DEBUG: Dropping privileges to uid 6057
[+16.19s] DEBUG: Adding session authority to /npdisks/
[+16.20s] DEBUG: Restoring privileges
[+16.20s] DEBUG: Launching process 7148: /usr/sbin/
[+16.20s] WARNING: Failed to change to home directory /npdisks/home/jb: Permission denied
[+16.20s] DEBUG: Registering session with bus path /org/freedeskto
[+16.20s] DEBUG: Process 7148 exited with return value 1
[+16.21s] DEBUG: pam_close_
[+16.21s] DEBUG: pam_setcred(
[+16.21s] DEBUG: pam_end(0xc6a9f0) -> 0
[+16.21s] DEBUG: Ending ConsoleKit session 137061b491bb03a
[+16.24s] DEBUG: User session quit
having a brief look at the source for lightdm, src/session.c :
/* Change working directory */ home_directory (user)) != 0)
if (chdir (user_get_
{
g_warning ("Failed to change to home directory %s: %s"...