Can't remove user if they're not in /etc/passwd

Bug #988072 reported by Thomas Bushnell, BSG
This bug affects 12 people
Affects: accountsservice (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned

Bug Description

Thanks to nss, there are many ways for a user account to exist.

If you have user accounts authenticated with LDAP (say), and use nss tables other than passwd to store user information, then you find that the system automatically creates an entry in the user account database on login. This is handy: it means the user gets listed by lightdm in the greeter, for example, and things like background and keyboard prefs can be known to the greeter. It's all good.

However, these users cannot be deleted. If you use the accounts-daemon from the control center to remove them, you get this error:

Failed to delete user
GDBus.Error:org.freedesktop.Accounts.Error.Failed: running '/usr/sbin/userdel' failed: /usr/sbin/userdel returned an error (1): userdel: cannot remove entry 'tbushnell' from /etc/passwd

And alas, the user then stays in the system database.

Please make it possible to remove users from the system database even if deluser and userdel don't work on them.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in accountsservice (Ubuntu):
status: New → Confirmed

Neil Broadley (scaine) wrote :

Any manual workarounds for this? The number of users that shows up in the lightdm login window keeps growing with each person that logs in. I'm going to have to remove the picker if I can't delete these AD (LDAP) based users from our laptop fleet.

Richard Lowe (ocdrichard) wrote :

I have the same issue. In a school environment with LDAP authentication on the LTSP server. Every 3 months we change students in the lab. Each time they log in it creates an entry for them and then when they leave we can't delete them.

Have a lightdm screen with 50+ names on it. Awesome.

deluser will not remove them because they are not found in the /etc/passwd file.
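
Added example, not part of the thread and not accountsservice code: a script that lists which cached greeter entries have no line in /etc/passwd, which are the accounts for which userdel reports "cannot remove entry". The cache directory /var/lib/AccountsService/users is an assumption about the default accountsservice layout (the page does not name it), and the demo data is constructed.

```shell
#!/bin/sh
# List accountsservice cache entries whose login is absent from the local
# passwd file (accounts that came from LDAP/AD via NSS and were cached at login).

# is_local LOGIN PASSWD_FILE
# Succeeds only if LOGIN exactly matches the first field of some line.
is_local() {
    awk -F: -v u="$1" '$1 == u { found = 1 } END { exit !found }' "$2"
}

# cached_nonlocal_users [PASSWD_FILE] [CACHE_DIR]
# Prints one login per line, sorted. Prints nothing if CACHE_DIR is missing.
cached_nonlocal_users() {
    passwd_file=${1:-/etc/passwd}
    cache_dir=${2:-/var/lib/AccountsService/users}   # assumed default path
    [ -d "$cache_dir" ] || return 0
    for f in "$cache_dir"/*; do
        [ -f "$f" ] || continue          # also skips an unmatched glob
        login=${f##*/}                   # per-user file is named after the login
        is_local "$login" "$passwd_file" || printf '%s\n' "$login"
    done | sort
}

# Demo on constructed data (not taken from any reporter's machine).
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/users"
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/bash' \
        'admin:x:1000:1000:Local Admin:/home/admin:/bin/bash' > "$d/passwd"
    : > "$d/users/admin"       # local account, userdel can handle it
    : > "$d/users/tbushnell"   # directory account cached after a login
    : > "$d/users/student07"   # directory account cached after a login
    cached_nonlocal_users "$d/passwd" "$d/users"
    rm -rf "$d"
}

demo
```

Run with no arguments to `cached_nonlocal_users` on a real machine to compare the live cache against /etc/passwd; reading the cache directory may require root.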

Richard Lowe (ocdrichard) wrote :

Have found a "workaround" that works but I'm not happy with.

nano /etc/lightdm/lightdm.conf

Add the following:
[SeatDefaults]
greeter-hide-users=true
greeter-show-manual-login=true

Save, reboot.

Timur Tabi (timur-tabi) wrote :

That work-around doesn't work for me, because my lightdm.conf already has those entries in it.

[SeatDefaults]
greeter-session=unity-greeter
user-session=ubuntu
greeter-hide-users=true
greeter-show-manual-login=true
allow-guest=false

R. Becke (subscribe-becke) wrote :

I have found a workaround - by deleting the sss cache files the remote user profiles disappear from the lightdm login screen:
log-in as LOCAL administrator (sudo user) (i.e. basically the account that was created during installation)
delete SSS cache files:
sudo rm /var/lib/sss/db/*
sudo rm /var/lib/sss/md/*
And reboot the machine.

R. Becke (subscribe-becke) wrote :

Sorry but my workaround was incomplete - i.e. to clean up the login screen (and clean up the cached passwords) I use the following commands:
sudo rm /var/lib/sss/db/*
sudo rm /var/lib/sss/mc/*
sudo rm -rf /var/lib/lightdm/.cache
sudo rm -rf /var/cache/lightdm
sudo rm -rf /var/log/wtmp
And reboot the machine
