Ubuntu >= 12.04 resumes from Suspend without password prompt

Bug #1083030 reported by frizzle21 on 2012-11-26
34
This bug affects 7 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned

Bug Description

in Ubuntu 12.04 (running unity 2d if that means anything), I put my computer to sleep.
Upon resuming, it did not ask for my password, leaving my workstation vulnerable to anyone who accidentally hit the keyboard to wake it up.

I checked the settings, they said explicitly "Require my password when waking from suspend" was active.
I unchecked this setting and checked it again, no improvement.

$ cat /proc/version_signature
Ubuntu 3.2.0-33.52-generic 3.2.31

There's a "Lock [ ON | OFF ]" button in the same dialog, which also has no effect on the desired feature whether on or off.
---
ApportVersion: 2.7-0ubuntu1
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: fnnaji 3667 F.... pulseaudio
 /dev/snd/pcmC0D0p: fnnaji 3667 F...m pulseaudio
CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found.
DistroRelease: Ubuntu 13.04
EcryptfsInUse: Yes
HibernationDevice: RESUME=UUID=949258aa-9248-4dc3-8de6-685a942981e1
InstallationDate: Installed on 2012-10-20 (51 days ago)
InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1)
IwConfig:
 eth0 no wireless extensions.

 lo no wireless extensions.
MachineType: Hewlett-Packard HP Compaq 8100 Elite CMT PC
MarkForUpload: True
NonfreeKernelModules: nvidia
Package: linux (not installed)
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcFB:

ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.7.0-5-generic root=UUID=b6bb5205-cb7b-481b-b9d1-48ac47a08b27 ro drm.debug=0xe plymouth:debug
ProcVersionSignature: Ubuntu 3.7.0-5.13-generic 3.7.0-rc8
RelatedPackageVersions:
 linux-restricted-modules-3.7.0-5-generic N/A
 linux-backports-modules-3.7.0-5-generic N/A
 linux-firmware 1.98
RfKill:

Tags: raring
Uname: Linux 3.7.0-5-generic x86_64
UpgradeStatus: Upgraded to raring on 2012-12-09 (1 days ago)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
dmi.bios.date: 06/09/2010
dmi.bios.vendor: Hewlett-Packard
dmi.bios.version: 786H1 v01.05
dmi.board.asset.tag: CZC1102PLN
dmi.board.name: 304Bh
dmi.board.vendor: Hewlett-Packard
dmi.chassis.asset.tag: CZC1102PLN
dmi.chassis.type: 6
dmi.chassis.vendor: Hewlett-Packard
dmi.modalias: dmi:bvnHewlett-Packard:bvr786H1v01.05:bd06/09/2010:svnHewlett-Packard:pnHPCompaq8100EliteCMTPC:pvr:rvnHewlett-Packard:rn304Bh:rvr:cvnHewlett-Packard:ct6:cvr:
dmi.product.name: HP Compaq 8100 Elite CMT PC
dmi.sys.vendor: Hewlett-Packard

information type: Private Security → Public

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1083030

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: precise

apport information

tags: added: apport-collected raring
description: updated

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
frizzle21 (frederik-nnaji) wrote :

 @ Marc Deslauriers:
i consider this bug private and security-related. Or is it good for the public to know about this security loophole in Ubuntu, before it gets fixed?

Changed in linux (Ubuntu):
importance: Undecided → Medium
Joseph Salisbury (jsalisbury) wrote :

According to your bug description, it appears you are running 12.04. However, the apport data attached to the bug indicates you are running 13.04. Did you perform an upgrade from Precise to Raring? If so, did you see this issue in both Precise and Raring?

Another thing is we see the following boot options:
drm.debug=0xe plymouth:debug

Can you boot without those options and see if this bug still exists?

Changed in linux (Ubuntu):
status: Confirmed → Incomplete
Download full text (4.4 KiB)

yes, it happened in 12.04, 12.10 and 13.04a
The workstation next to mine has the same problem, same hardware, 12.04
64bit fresh install.

I never added any custom boot options, but i'll gladly edit that line if u
think it helps with debugging next time i'm at my desk.
Yes, i upgraded my box since i originally reported the issue.
I don't have this issue on my laptop otoh, the boot options don't contain
that debug flag here:

$ grep "Kernel command line" /var/log/syslog.1
Dec 15 07:52:46 aceris kernel: [ 0.000000] Kernel command line:
BOOT_IMAGE=/vmlinuz-3.7.0-5-generic
root=UUID=46014c11-a5ee-4ba3-a2d7-ee2896dc3ce5 ro quiet splash

i'll try with the workstation computer first thing on monday!

On Wed, Dec 12, 2012 at 10:13 PM, Joseph Salisbury <
<email address hidden>> wrote:

> According to your bug description, it appears you are running 12.04.
> However, the apport data attached to the bug indicates you are running
> 13.04. Did you perform an upgrade from Precise to Raring? If so, did
> you see this issue in both Precise and Raring?
>
> Another thing is we see the following boot options:
> drm.debug=0xe plymouth:debug
>
> Can you boot without those options and see if this bug still exists?
>
> ** Changed in: linux (Ubuntu)
> Status: Confirmed => Incomplete
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1083030
>
> Title:
> Ubuntu 12.04 resumes from Suspend without password prompt
>
> Status in “linux” package in Ubuntu:
> Incomplete
>
> Bug description:
> in Ubuntu 12.04 (running unity 2d if that means anything), I put my
> computer to sleep.
> Upon resuming, it did not ask for my password, leaving my workstation
> vulnerable to anyone who accidentally hit the keyboard to wake it up.
>
> I checked the settings, they said explicitly "Require my password when
> waking from suspend" was active.
> I unchecked this setting and checked it again, no improvement.
>
>
> $ cat /proc/version_signature
> Ubuntu 3.2.0-33.52-generic 3.2.31
>
> There's a "Lock [ ON | OFF ]" button in the same dialog, which also has
> no effect on the desired feature whether on or off.
> ---
> ApportVersion: 2.7-0ubuntu1
> Architecture: amd64
> AudioDevicesInUse:
> USER PID ACCESS COMMAND
> /dev/snd/controlC0: fnnaji 3667 F.... pulseaudio
> /dev/snd/pcmC0D0p: fnnaji 3667 F...m pulseaudio
> CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1:
> nl80211 not found.
> DistroRelease: Ubuntu 13.04
> EcryptfsInUse: Yes
> HibernationDevice: RESUME=UUID=949258aa-9248-4dc3-8de6-685a942981e1
> InstallationDate: Installed on 2012-10-20 (51 days ago)
> InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64
> (20120823.1)
> IwConfig:
> eth0 no wireless extensions.
>
> lo no wireless extensions.
> MachineType: Hewlett-Packard HP Compaq 8100 Elite CMT PC
> MarkForUpload: True
> NonfreeKernelModules: nvidia
> Package: linux (not installed)
> ProcEnviron:
> TERM=xterm
> PATH=(custom, no user)
> XDG_RUNTIME_DIR=<set>
> LANG=en_US.UTF-8
> SHELL=/bin/bash
>...

Read more...

I can reproduce this problem with a 12.04 installation, running on a Lenovo ThinkPad R61.
Opening one of the menus in the top panel and then suspending the computer seems to trigger this behaviour reliably.

Steps to reproduce:
1. Click on the settings button to open the drop down menu (though any indicator menu will do)
2. Close the laptop lid to trigger suspension
3. Open the lid again

In some instances the password prompt shows up after a second or so, but most of the time I get straight to the desktop without any prompt.

On Wed, Dec 12, 2012 at 10:13 PM, Joseph Salisbury <
<email address hidden>> wrote:

>
> Another thing is we see the following boot options:
> drm.debug=0xe plymouth:debug
>
> Can you boot without those options and see if this bug still exists?
>

i'm sorry, i don't get anywhere booting raring alpha without these flags on
the grub command line..

ok, i booted 13.04 without the debug options (drm.debug=0xe plymouth:debug), clean.
Problem still occurs.

please advise

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
frizzle21 (frederik-nnaji) wrote :
Joseph Salisbury (jsalisbury) wrote :

Can you check that screen locking is enabled? You can do this bug going to: All Settings -> Brightness & Lock. On that screen, ensure that "Lock" is ON and "Require my password when waking from suspend" is checked.

Changed in linux (Ubuntu):
status: Confirmed → Incomplete
x (xyzx-deactivatedaccount) wrote :

In my case "Lock" is ON and "Require my password when waking from system" is checked.
When there is no indicator menu open while suspending, it works as expected and I get the password prompt. However I can still reproduce the issue by following the steps from #18.

frizzle21 (frederik-nnaji) wrote :

As i already wrote in the description on top, it doesn't matter whether or not screen locking is enabled.
The computer wakes up without password promt either way.
I tried this in 12.04, 12.10 and in 13.04.

Perhaps it might be interesting for you to know, that Unity 3d never worked on this computer in the first place.
During the first months i was using Unity 2d, now i'm Using the Gnome Fallback session.

This is because there seems to be an issue with my 4-monitor setup and NVIDIA Compositing.

summary: - Ubuntu 12.04 resumes from Suspend without password prompt
+ Ubuntu >= 12.04 resumes from Suspend without password prompt
Launchpad Janitor (janitor) wrote :

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status: Incomplete → Expired
Yani Raafezaj (ytraaf) wrote :

Don't know if I'm supposed to reopen this or something, but I'm getting this on Ubuntu 12.04. It's been intermittent before, but for the past week or so (maybe longer) it's been happening consistently. When the screen locks after inactivity, sometimes it lets me click around for a bit on the desktop and do things before it kicks me out and prompts me for the password.

This is exactly happening to me. A very major and number of issues i am facing since I installed 13.04.

1. Suspend don't work from the menu , I always have to use TERMINAL command do to the suspend
2. Sometime it works perfectly and sometime after I close the lid and I found that it heats up the laptop and resumes automatically while the lid is still closed.
3. Sometime if it works then it does not ask for any password.

Everytime I have to pay REAL ATTENTION while closing my laptop or suspend in my office so other's can't access and my laptop should be locked. It is really getting annoying everyday and I hate it when my new laptop heats. There is no problem with the OS but simply lock and suspend issues are everyday issue.

I've got the same problem with at least 13.04 and now with 13.10.

I've noticed, that the gnome-screensaver deamon wasn't running after a fresh login. Once the deamon is running, locking after suspend is working again.

I didn't figure out, why this deamon isn't running. However my simple workaround: just add the gnome-screensaver to the session startup list (gnome-session-properties).

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers