lightdm allows login with unplugged device needed for authentication
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lightdm (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Even if I unplugged device needed for authentication, lightdm still allows login without the device.
How to reproduce:
1. setup pam_usb.so or pam_blue.so with "auth sufficient" on /etc/pam.
pam_usb.so:
https:/
pam_blue.so:
http://
2. login to the user with the device
3. logout
4. unplug the USB device or turning off the bluetooth device
5. press Enter to login
Expected result:
login rejected or fallback to password login
Actual result:
login allowed, without the device or password
WORKAROUND:
make sure to press Esc on lightdm *after* unplugging the device
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.3-0ubuntu1
ProcVersionSign
Uname: Linux 3.5.0-26-generic x86_64
ApportVersion: 2.0.1-0ubuntu17.1
Architecture: amd64
CheckboxSubmission: 65fa7c094c0293d
CheckboxSystem: 0657dd966bc74d2
Date: Mon Mar 25 01:06:44 2013
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 12.04.2 LTS "Precise Pangolin" - Release amd64 (20130213)
MarkForUpload: True
ProcEnviron:
TERM=xterm
SHELL=/bin/bash
PATH=(custom, no user)
LANG=ja_JP.UTF-8
SourcePackage: lightdm
UpgradeStatus: No upgrade log present (probably fresh install)
== logout== lightdm: session) : session closed for user usb-auth lightdm: session) : session opened for user lightdm by (uid=0) connector( lightdm: session) : nox11 mode, ignoring PAM_TTY :1 if(lightdm: auth): requirement "user ingroup nopasswdlogin" not met by user "usb-auth" usr/lib/ indicator- datetime/ indicator- datetime- ser") interface= "org.freedeskto p.DBus. Properties" member="GetAll" error name="(unset)" requested_reply="0" destination=":1.17" (uid=0 pid=1380 comm="/ usr/sbin/ console- kit-daemon --no-daemon ") lightdm: session) : session closed for user lightdm lightdm: session) : session opened for user usb-auth by (uid=0) connector( lightdm: session) : nox11 mode, ignoring PAM_TTY :1
Mar 25 00:58:29 test-machine lightdm[5833]: pam_unix(
== start ligthdm ==
Mar 25 00:58:31 test-machine lightdm: pam_unix(
Mar 25 00:58:31 test-machine lightdm: pam_ck_
Mar 25 00:58:32 test-machine lightdm: pam_succeed_
Mar 25 00:58:32 test-machine pam_usb[7042]: pam_usb v0.5.0
Mar 25 00:58:32 test-machine pam_usb[7042]: Authentication request for user "usb-auth" (lightdm)
Mar 25 00:58:32 test-machine pam_usb[7042]: Device "MyKey2" is connected (good).
Mar 25 00:58:32 test-machine pam_usb[7042]: Performing one time pad verification...
Mar 25 00:58:32 test-machine pam_usb[7042]: Access granted.
Mar 25 00:58:32 test-machine dbus[1056]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.213" (uid=104 pid=7055 comm="/
== unplug the USB device ==
== login ==
Mar 25 00:58:39 test-machine lightdm: pam_unix(
Mar 25 00:58:39 test-machine lightdm[7042]: pam_unix(
Mar 25 00:58:39 test-machine lightdm[7042]: pam_ck_
== login success without the USB device ==