GDM does not prevent users with login shell /sbin/nologin from logging on
Bug #2039354 reported by
Geert Uytterhoeven
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gdm3 (Fedora) |
Fix Released
|
High
|
|||
gdm3 (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
gnome-session (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Version: 42.0-1ubuntu7.
Release: Ubuntu 22.04.3 LTS
A user with login-shell set to /sbin/nologin is still able to login using GDM.
See also https:/
information type: | Private Security → Public Security |
tags: | added: jammy |
Changed in gdm3 (Fedora): | |
importance: | Unknown → High |
status: | Unknown → Fix Released |
To post a comment you must log in.
Description of problem:
A user with login-shell set to /sbin/nologin is still able to login using GDM
Version-Release number of selected component (if applicable): 3-20.el8. x86_64
gdm-3.28.
How reproducible:
100%
Steps to Reproduce:
1. RHEL 8
2. useradd -s /sbin/nologin -m user2
3. login via GDM
Actual results:
The user is able to login
Expected results:
The user should not be able to login
Additional info: 1001:1001: :/home/ user2:/ sbin/nologin
# grep user2 /etc/passwd
user2:x:
# w gdm-x-session gnome-session
17:39:27 up 30 min, 2 users, load average: 0,80, 0,17, 0,07
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 172.16.100.100 17:09 1.00s 0.11s 0.01s w
user2 :1 :1 17:39 ?xdm? 16.42s 0.02s /usr/libexec/
# su - user2
Last login: Fr Aug 23 17:39:24 UTC 2019 on tty2
This account is currently not available.