Disabling then Re-Enabling login without password does not remove user from nopasswdlogin group

Bug #1169054 reported by Arthur Tan on 2013-04-15
28
This bug affects 5 people
Affects Status Importance Assigned to Milestone
accountsservice (Ubuntu)
Undecided
Unassigned

Bug Description

I am using 12.04.

Under System Settings, User Accounts, Passwords, Action, changing to "Login without a password" works as expected. On the next login, LightDM will not prompt you for a password, You can just login by hitting Enter.

But, re-enabling password, or changing a password for the same user does not change LightDM behavior. LightDM does not re-enable asking for password at login.

I think the problem is re-enabling password under Systems Settings does not delete user from nopasswdlogin group. You have to delete it from the command line:

sudo gpasswd -d username nopasswdlogin

This problem is the same ones described here:

http://ubuntuforums.org/showthread.php?p=11566335

http://askubuntu.com/questions/211084/how-do-i-get-ubuntu-to-ask-me-for-at-password-at-login-again/281615#281615

http://askubuntu.com/questions/100010/no-password-asked-at-login-screen-just-start-session-button-with-lightdm

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in accountsservice (Ubuntu):
status: New → Confirmed
Eric Chaskes (echaskes) wrote :

This bug title is worded incorrectly. More accurate would be:

Changing user setting in User Accounts from "Login without password" to "Disable this account" does not remove the user from the nopasswdlogin group.

The user remains in the nopasswdlogin group only when going from "Login without password" to "Disable this account". In this case, lightdm will remain set to allow login without a password.

After setting a password, the user is properly removed from nopasswdlogin and lightdm behaves correctly, so setting a password in User Settings and then disabling the account in User Settings avoids the bug.

I confirmed this in 12.04.4, 13.10, and 14.04 Beta 2.

See: http://askubuntu.com/questions/442641/how-to-disable-a-passwordless-account/442995#442995

Eric Chaskes (echaskes) wrote :

After additional research, I realized that this bug is invalid against accountsservice.

Instead, the bug is in Unity-Control-Center, which fails to change the login mode when locking an account. A user who is already in the nopasswordlogin group, therefore, will not be dropped from the nopasswordlogin group when the account is locked.

I submitted a merge proposal at https://code.launchpad.net/~echaskes/unity-control-center/fix-user-password-dialog/+merge/217167

Arthur Tan (artgtan) wrote :

I think this should be changed to Fix Released after your merge proposal was approved? Thanks Eric.

Rob Hills (rhills) wrote :

Problem still present in 14.04 LTS
A family member inadvertently changed their User Account to "Login without password" and subsequently I was unable to revert this change until I discovered the nopasswdlogin group and manually removed them from that group.

summary: - Disabling then Re-Enabling login without password does remove user from
- nopasswdlogin group
+ Disabling then Re-Enabling login without password does not remove user
+ from nopasswdlogin group
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers