prompts for permissions on startup when username is both local & networkauth

Bug #1192300 reported by Bryan Quigley on 2013-06-18
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
indicator-messages (Ubuntu)
Undecided
Unassigned

Bug Description

Steps to reproduce:
1. Setup Ubuntu desktop 12.04 with some form of network authentication. (Active Directory with Centrify, LDAP, etc)
2. Setup the same username both locally and in the remote service. (aka define bob locally and in AD)
3. Login with username
4. Note prompt that says, "Authentication is required to change user data"
    Details: org.freedesktop.accounts.user-administration

Confirmed that by uninstalling indicator-messages this issue goes away. I tried testing with 12.10 but the messages-indicator appears to have a changed a good deal (there was no prompt, but also no message indicator).

Askubuntu question: http://askubuntu.com/questions/230270/immediately-after-login-my-12-04-lts-desktop-asks-for-my-password-for-authenti

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: indicator-messages 0.6.0-0ubuntu2
ProcVersionSignature: Ubuntu 3.5.0-23.35~precise1-generic 3.5.7.2
Uname: Linux 3.5.0-23-generic x86_64
ApportVersion: 2.0.1-0ubuntu17.3
Architecture: amd64
Date: Tue Jun 18 15:09:36 2013
InstallationMedia: Ubuntu 12.04.2 LTS "Precise Pangolin" - Release amd64 (20130213)
MarkForUpload: True
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: indicator-messages
UpgradeStatus: No upgrade log present (probably fresh install)

Bryan Quigley (bryanquigley) wrote :
Bryan Quigley (bryanquigley) wrote :

removed indicator-status-provider-mc5, no effect
removed gwibber*, no effect
removed thunderbird*, no effect
removed empathy*, no effect
autoremove all from above, no effect
only when removing indicator-messages doe it stop prompting for the password

Bryan Quigley (bryanquigley) wrote :

Jun 18 17:12:36 bryan-virtual-machine polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session8 FAILED to authenticate to gain authorization for action org.freedesktop.accounts.user-administration for system-bus-name::1.143 [/usr/lib/indicator-messages/indicator-messages-service] (owned by unix-user:bob)
Jun 18 17:12:45 bryan-virtual-machine polkitd(authority=local): Unregistered Authentication Agent for unix-session:/org/freedesktop/ConsoleKit/Session8 (system bus name :1.140, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)

Bryan Quigley (bryanquigley) wrote :
Bryan Quigley (bryanquigley) wrote :

Note: You need to use gnome-session-fallback to get the indicator logs, Unity doesn't have them for some reason.

Bryan Quigley (bryanquigley) wrote :
Bryan Quigley (bryanquigley) wrote :
Bryan Quigley (bryanquigley) wrote :

dbus_monitor_session_bob - Killed indicator-messages-session to cause the dialog again, then killed when it came up
dbus_mon_system_bob_fail - normal login of user bob, killed when message came up

Bryan Quigley (bryanquigley) wrote :
Bryan Quigley (bryanquigley) wrote :

Take two files have an administrator password typed in and then a few seconds waited

Bryan Quigley (bryanquigley) wrote :

indicator applet log with password entered and then a few seconds waited.

Ritesh Khadgaray (khadgaray) wrote :

This is a ubuntu specific bug. This comes from SetXHasMessages property added to accountsservice from 0013-add-has-message-support.patch , used by indicator-message .

The reason being, mismatch of uid between local user and one provided by remote server.

from fn accountsservice : user_set_xhas_messages
+gboolean
+user_set_xhas_messages (User *user,
+ gboolean has_messages,
+ DBusGMethodInvocation *context)
+{
+ gchar *sender;
+ DBusConnection *connection;
...
+ if (user->uid == uid)
+ action_id = "org.freedesktop.accounts.change-own-user-data";

The workaround I could think of, would be to fix the uid mismatch or revert the merge https://code.launchpad.net/~mterry/indicator-messages/tell-accounts-services/+merge/93290

Cheers
ritz

Bryan Quigley (bryanquigley) wrote :

Changing the UID for the local user to match the UID from AD makes it work fine without the prompt.

Changed in indicator-messages (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers