users-admin should not allow creation of users with encrypted home who aren't asked for password on login
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gnome-system-tools (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
Tested in Ubuntu 11.04 and 11.10. Steps to reproduce:
1) Go to "Users and Groups" (users-admin)
2) Click "Add"
3) Pick any name
4) Check "Encrypt home folder to protect sensitive data"
5) Click "OK"
6) Set any password
7) Check "Don't ask for password on login"
8) Click OK
Expected result: An error is raised at some point, because the user will not be able to log in.
Actual result: User is created normally. On login, the user is not prompted for their password, so the login fails. In Ubuntu 11.04, some cryptic error messages display and the GUI hangs; in Ubuntu 11.10, you're returned to the login screen. Since the user is not prompted for their password, the home directory cannot be decrypted, so login will fail. The two options are contradictory, and it should be impossible to select both.
It might also be worthwhile if the program responsible for login (gdm?) detected this conflict and prompted the user for their password, ignoring the preference not to be prompted. However, the preferences are still logically contradictory, so the administrator should not be allowed to select both when creating a user.
Bug #581303 and Bug #577563 are related, but were filed against gdm and eCryptfs. The problem should still be fixed in users-admin regardless of whether there's a workaround in gdm.
Indeed. But users-admin is no longer developed, since it's been replaced with the new GNOME control center applet upstream. (The new applet doesn't allow setting a password-less account.)
I don't think the workaround should be added in GDM, though, because I don't think it would be easy due to how PAM works. So I'm marking this bug as duplicate of the other, and moving the other to gnome-system-tools.