Ubuntu
gnome-terminal package

gnome-terminal drops pam_group config

Bug #1835224 reported by Philipp Takacs
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gnome-terminal (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

If you use pam_group to add users to a group and open gnome-terminal the dynamic group is lost.

How to reproduce:

enable pam_group
add "*;*;*;Al0000-2400;dialout" to /etc/security/group.conf
log in with a user which is not in the dialout group
open gnome-terminal
check with id if you in the dialout group

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: gnome-terminal 3.28.2-1ubuntu1~18.04.1
ProcVersionSignature: Ubuntu 4.15.0-54.58-generic 4.15.18
Uname: Linux 4.15.0-54-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.6
Architecture: amd64
Date: Wed Jul 3 14:52:29 2019
SourcePackage: gnome-terminal
UpgradeStatus: No upgrade log present (probably fresh install)

See original description
Revision history for this message
Philipp Takacs (ptakacs) wrote :
Philipp Takacs (ptakacs)
description: updated
Revision history for this message
Egmont Koblinger (egmont-gmail) wrote :

gnome-terminal itself doesn't do any authentication / PAM stuff. It's probably an issue with `systemd --user` which launches gnome-terminal.

Revision history for this message
Philipp Takacs (ptakacs) wrote :

I can start an other terminal (i.e. xterm) there are the groups correct. Starting a gnome-terminal from this terminal causes wrong groups in gnome-terminal. So either gnome-terminal sets the groups or uses a dbus/systemd/whatever funktion to set the groups. I would call both scenarios a bug in the gnome-terminal.

Revision history for this message
Egmont Koblinger (egmont-gmail) wrote :

> Starting a gnome-terminal from this terminal

Even executing "gnome-terminal" from an xterm goes through dbus/systemd. "gnome-terminal" is just a controlling client that asks systemd to start up a server which then displays the window and does all the rest.

Don't ask why the architecture is like this, I don't know. But gnome-terminal definitely doesn't do anything with groups, nor asks dbus/systemd/whatever to tamper with the groups.

The issue is probably in systemd, starting up gnome-terminal (and presumably any other app that it starts up) with the wrong groups.

Revision history for this message
Philipp Takacs (ptakacs) wrote :

I think you misunderstand me a bit.

> The issue is probably in systemd, starting up gnome-terminal (and
> presumably any other app that it starts up) with the wrong groups.

Yes gnome-terminal uses a systemd --user service to start a
terminal-server. This terminal-server is the parrent of all shells in
a gnome-terminal for this user.

The problem is systemd --user services are designed as per-user service
not per-session[0]. As I understand the Mailinglist, there ar no plans
to change this. So a systemd --user service isn't the right tool for
this architecture of a terminal and for any other programm which should
belong to a session. Thats why I say it's a bug in gnome-terminal not
in systemd.

That systemd has no per-session services is an other problem.

[0] https://lists.freedesktop.org/archives/systemd-devel/2014-March/017552.html

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-terminal (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.