root user displayed on greeter screen

Thanks Marc, could you check if that's fixed in trusty or with the version waiting in the saucy SRU queue? That seems similar to bug #1242939

The lightdm version in the saucy SRU queue is the one I just pushed out as a security update, and it definitely is affected.

I can also reproduce this with 1.9.2-0ubuntu1 in trusty.

Found the problem - while AccountsService doesn't return system users when calling ListCachedUsers() it does generate the UserAdded signal when a system user is created (e.g. by calling FindUserByName()). The greeter then picks up this new user and doesn't check if it's a system user.

I think this is the actual cause of the LightDM user showing up - the daemon gets this user via FindUserByName and if there happens to be a greeter open at this time (probably racy) then the greeter will show the user.

lp:~robert-ancell/lightdm/system-user fixes this by ignoring system users when generating the user list for the greeter.

Fix committed into lp:lightdm at revision None, scheduled for release in lightdm, milestone Unknown

This bug was fixed in the package lightdm - 1.9.3-0ubuntu1

---------------
lightdm (1.9.3-0ubuntu1) trusty; urgency=low

  * New upstream release:
    - Don't pass system user accounts from AccountsService to greeters.
      (LP: #1248541)
    - Fix crash if switching to greeter and it isn't installed. (LP: #1246529)
 -- Robert Ancell <email address hidden> Thu, 07 Nov 2013 15:07:34 +1300

Hello Marc, or anyone else affected,

Accepted lightdm into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/lightdm/1.8.5-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

The fix for this bug has been awaiting testing feedback in the -proposed repository for saucy for more than 90 days. Please test this fix and update the bug appropriately with the results. In the event that the fix for this bug is still not verified 15 days from now, the package will be removed from the -proposed repository.

I have successfully tested the package in saucy-proposed, and it works as intended and solves the issue.

This bug was fixed in the package lightdm - 1.8.5-0ubuntu1

---------------
lightdm (1.8.5-0ubuntu1) saucy; urgency=low

  * New upstream release:
    - Don't pass system user accounts from AccountsService to greeters.
      (LP: #1248541)
    - Fix crash if switching to greeter and it isn't installed. (LP: #1246529)
 -- Robert Ancell <email address hidden> Thu, 07 Nov 2013 15:39:20 +1300

The verification of the Stable Release Update for lightdm has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.