Change-password-after-login is broken

Bug #911597 reported by Michael Terry on 2012-01-04
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Light Display Manager
lightdm (Ubuntu)

Bug Description

This is related to bug 838555. After running the following:

dbus-send --print-reply --system --dest=org.freedesktop.Accounts /org/freedesktop/Accounts/User1000 org.freedesktop.Accounts.User.SetPasswordMode int32:1

You can log into a VT and see the prompts to set the new password. But try it in unity-greeter and you get an authentication error.

This is because lightdm never sets the PAM_TTY pam item. Pam bails because there is no TTY to ask.

Branch coming.

Related branches

CVE References

Michael Terry (mterry) on 2012-01-09
Changed in lightdm:
status: New → Fix Committed
Changed in lightdm (Ubuntu):
status: New → Fix Committed
Changed in lightdm:
importance: Undecided → Medium
Changed in lightdm (Ubuntu):
importance: Undecided → Medium
Changed in lightdm:
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lightdm - 1.1.1-0ubuntu1

lightdm (1.1.1-0ubuntu1) precise; urgency=low

  * New upstream release:
    * Support PAM requesting a change of password (lp: #911597)
    * Support for reading users' backgrounds from Accounts Service
      (lp: #844081)
    * Switching to a user without a password bypasses the greeter
      (lp: #861177)
    * Move the GTK+ and Qt greeters into their own projects
  * Drop the gtk and qt greeters packaging files from this source
  * debian/liblightdm-gobject-1-0.symbols:
    - list new lightdm_user_get_background symbol
  * debian/patches/04_CVE-2011-4105.patch,
    - dropped, those issues are fixed in the new version or apply to the
      gtk greeter which is moved to its own source
  * debian/rules:
    - install lightdm-set-defaults back to its previous location
 -- Sebastien Bacher <email address hidden> Wed, 18 Jan 2012 11:10:03 +0100

Changed in lightdm (Ubuntu):
status: Fix Committed → Fix Released
Nobuto Murata (nobuto) wrote :

Is it possible to backport this fix to Oneiric?
I use Oneiric, so I have to use gdm for now to work out Change-password-after-login.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers