LightDM package fails to remove if lightdm user is in use

Bug #924224 reported by Nica Mlg
238
This bug affects 48 people
Affects Status Importance Assigned to Milestone
lightdm (Ubuntu)
Fix Released
Medium
Unassigned
Precise
Won't Fix
Medium
Unassigned
Trusty
Triaged
Medium
Unassigned
Vivid
Won't Fix
Medium
Unassigned
Wily
Fix Released
Medium
Unassigned

Bug Description

Ubuntu 11.04.

apt-get

uninstall lightdm

ot an 'Error 8', then the crash report appeared.

ProblemType: Package
DistroRelease: Ubuntu 11.04
Package: lightdm (not installed)
ProcVersionSignature: Ubuntu 2.6.38-13.54-generic 2.6.38.8
Uname: Linux 2.6.38-13-generic i686
AptOrdering: lightdm: Purge
Architecture: i386
Date: Tue Jan 31 08:40:27 2012
ErrorMessage: el subproceso instalado el script post-removal devolvió el código de salida de error 1
InstallationMedia: Macbuntu-iso - Release i386
SourcePackage: lightdm
Title: package lightdm (not installed) failed to install/upgrade: el subproceso instalado el script post-removal devolvió el código de salida de error 1
UpgradeStatus: No upgrade log present (probably fresh install)

Related branches

Revision history for this message
Nica Mlg (nicamlg) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in lightdm (Ubuntu):
status: New → Confirmed
Revision history for this message
Steve Langasek (vorlon) wrote :

Ran into this at the Ubuntu Global Jam over the weekend, where a local user had lightdm installed on a machine that was intended to be a server so was trying to uninstall it.

Shutting lightdm down apparently left pulseaudio processes running as the lightdm user.

Changed in lightdm (Ubuntu):
status: Confirmed → Triaged
importance: Undecided → High
Revision history for this message
William Van Hevelingen (blkperl) wrote :

The the pulseaudio processes are not killed before the lightdm user is removed causing userdel to fail because the lightdm user is still running processes.

Revision history for this message
Robert Ancell (robert-ancell) wrote : Re: Can't uninstall lightdm as pulseaudio process running as lightdm user stops lightdm user being removed

The pulseaudio stuff is started by unity greeter, however the solution is probably to do some sort of killall before removing the lightdm user.

Changed in unity-greeter:
status: New → Triaged
importance: Undecided → High
Changed in unity-greeter (Ubuntu):
importance: Undecided → High
status: New → Triaged
summary: - Tried to uninstall lightdm, reported error 8, user logged in.
+ Can't uninstall lightdm as pulseaudio process running as lightdm user
+ stops lightdm user being removed
no longer affects: unity-greeter
no longer affects: unity-greeter (Ubuntu)
summary: - Can't uninstall lightdm as pulseaudio process running as lightdm user
- stops lightdm user being removed
+ LightDM package fails to remove if lightdm user is in use
Changed in lightdm (Ubuntu Vivid):
status: New → Triaged
Changed in lightdm (Ubuntu Trusty):
status: New → Triaged
Changed in lightdm (Ubuntu Precise):
status: New → Triaged
importance: Undecided → Medium
Changed in lightdm (Ubuntu Trusty):
importance: Undecided → Medium
Changed in lightdm (Ubuntu Wily):
importance: High → Medium
Changed in lightdm (Ubuntu Vivid):
importance: Undecided → Medium
Revision history for this message
Robert Ancell (robert-ancell) wrote :

<seb128> what should packages handle deluser calls in postrm/purge that fail because the user is logged in
 like lightdm when users try to remove the package from a system when the login manager is in use
<pitti> seb128: TBH I think nothing should ever call deluser automatically
 if a postrm is trying to, then at least with || true
<seb128> pitti, so purging lightdm should just let a lightdm user around?
<pitti> but the possibility of reusing a previously removed uid for a new account is a security issue
 seb128: yeah, I think that's the lesser evil
<seb128> pitti, so you would just drop the deluser call?
 rather than adding || true?
<pitti> lightdm is prone to leaking processes and leftover sessions unfortunately
 seb128: no strong opinion between || true and drop, but I'd prefer dropping it, yes
<seb128> pitti, thanks
<seb128> robert_ancell, ^
<pitti> seb128: so the problem is:
<pitti> 1. you uninstall package foo with sysuser foo, removing the sysuser foo with uid 123
 2. you install a package bar, adding sysuser bar with uid 123 (reusing)
 3. now bar's daemons "take over" any running processes of foo, and can meddle with its leftover files, etc.
<robert_ancell> pitti, fair point
<seb128> right
<pitti> in some cases (when foo doesn't write any files, or makes sure to kill its processes), deluser is a nice cleanup, but this should be ascertained before
 and lightdm in particular writes lots of files and leaks lots of sessions and processes
 at least while it's running I always have a lightdm session around; not sure whether that's still true after stopping lightdm

Revision history for this message
Robert Ancell (robert-ancell) wrote :

Note the user removal code was copied straight from the GDM package when LightDM was first packaged. So there may be a similar issue with GDM.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lightdm - 1.15.3-0ubuntu3

---------------
lightdm (1.15.3-0ubuntu3) wily; urgency=medium

  * debian/lightdm.postrm:
    - Don't remove the lightdm user/group on package removal. This fails if the
      user is still in use and leaves the risk of another user being created
      with the same UID. (LP: #924224)

 -- Robert Ancell <email address hidden> Wed, 26 Aug 2015 09:35:56 +0100

Changed in lightdm (Ubuntu Wily):
status: Triaged → Fix Released
Mathew Hodson (mhodson)
Changed in lightdm (Ubuntu Vivid):
status: Triaged → Won't Fix
Revision history for this message
Steve Langasek (vorlon) wrote :

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release

Changed in lightdm (Ubuntu Precise):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.