GDM3 completely ignore pam_group

Bug #1777318 reported by Marco Gaiarin on 2018-06-17
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gdm3 (Ubuntu)

Bug Description


I'm using some ubuntu machine in a network where users data came from LDAP.

I've setup PAM/NSS to use LDAP account and all works as expected.
Apart assigning local group to users, via pam_group.

I've added to /etc/pam.d/common-auth (to the end):
 auth optional

and added to /etc/security/group.conf:
 *; *; %sysops; Al0000-2400; adm,sudo,admin,dip,cdrom,floppy,plugdev,lpadmin,sambashare

but groups are not added as expected, i'm not in 'admin' or 'sudo' group (eg, i cannot do administrative tasks) and if i fire up a terminal:

 gaio@dora:~$ id
 uid=1000(gaio) gid=1001(casa) gruppi=1001(casa),1000(sysops),1003(bbs)

note that group assignment works, eg:

 gaio@dora:~$ ssh localhost
 gaio@localhost's password:
 Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-23-generic x86_64)

 * Documentation:
 * Management:
 * Support:

 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:

 0 pacchetti possono essere aggiornati.
 0 sono aggiornamenti di sicurezza.

 Last login: Sun Jun 17 14:36:50 2018 from
 gaio@dora:~$ id
 uid=1000(gaio) gid=1001(casa) gruppi=1001(casa),4(adm),24(cdrom),25(floppy),27(sudo),30(dip),46(plugdev),116(lpadmin),126(sambashare),1000(sysops),1003(bbs)

Previous LTS (16.04) with LightDM works as expected. This bug seems very similar to #880104 .


Daniel van Vugt (vanvugt) wrote :

Please report the issue to the GDM developers here:

and then tell us the ID of the new bug.

Changed in gdm3 (Ubuntu):
status: New → Incomplete
description: updated
Changed in gdm3 (Ubuntu):
status: Incomplete → New
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gdm3 (Ubuntu):
status: New → Confirmed
Daniel van Vugt (vanvugt) wrote :

This wouldn't be a side-effect of bug 1782152, would it?

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers