On 2012-05-26 14:01:21, Srivatsa wrote:
> here is detailed step by step description. i think, we have a
> minefield of bugs here!
Thanks for providing more information!
> Initial setting:
> You are logged in to an admin account.
>
> 1. Gear menu -> System Settings -> User Accounts -> create a user
> account 'test1' (do not set any password).
Note that a 'standard' account is created here, not an 'administrator'
account. This will be important later.
> 2. Gear menu -> System Settings -> User Accounts -> click on test1 ->
> Password -> Action -> Log in without a password -> Change
Note that this adds the user to the nopasswdlogin group. When lightdm is
authenticating a user in this group, it doesn't require a password. For
other services, such as sshd, the nopasswdlogin group is ignored and a
valid password is required.
> 3. Log in to test1
> 4. Set new password through terminal by running 'passwd'
Ok, so now the user account has a password set. The user is still a
member of the nopasswdlogin group, so lightdm will allow the user to
login without a password. The difference now is that the user can
authenticate with other services, such as sshd, since a password is now
set.
> 5. Log out
> 6. Log in to test1
>
> actual behaviour:
> 1. No password is asked! and you get a pop up after logging in 'Enter
> Password To Unlock Your Login Keyring'.
> 2. When you run any sudo command on terminal, system asks for test1
> password instead of admin password! after entering test1 password,
> message is displayed 'test1 is not in the sudoers file. This incident
> will be reported'
>
> expected behaviour:
> 1. test1 password should be asked upon login. Pop up should not appear.
This is not the expected behavior. Remember, the administrator has
already specified that the user is to login to the greeter without a
password.
A password is needed to unlock the keyring. Otherwise, credentials would
be stored in plaintext on the storage device. A password is required to
securely store the keyring on disk.
> 2. admin password should be asked instead of test1 password.
The root user doesn't have a password set by default, so there is no
admin password to ask for in this situation. Sudo has its own means of
restricting access with the /etc/sudoers file. See the sudoers man page
for details.
If you want the user to be able to run commands through sudo, you'll
need to add the user to the sudo group or write a custom rule in the
sudoers file specifying which commands the user can run through sudo.
>
> note:
> if at all, there is an argument that setting passwords through
> terminal and System Settings -> User Accounts (which creates a new
> user and allows to login) are not related, see point 1 below.
> 1. when you lock screen, after logging into test1, system asks for
> test1 password (that you have set through terminal in the above
> steps) when you try to log in again.
Some people prefer this functionality so that they can lock their screen
when they step away. I believe there is a setting to change this
behavior, but I don't know where it is off the top of my head. Sorry!
> 2. when switching between admin, test1 and test2 (created in same
> fashion as test1) accounts in the system, many times check mark
> appears/does not appear (random behaviour) next to the account
> names in the user list (near gear menu on top right) irrespective
> of whether you have logged in or out!
> 3. after you have logged into admin, test1 and test2 accounts and when
> you log out of any one account, at least 3 out of 5 times, system
> freezes on the main login screen where all accounts are listed!
These sound like unique bugs that should have their own bug reports.
Please file these bugs separately.
> personally, i feel ubuntu should not go the windows way by allowing
> accounts to be created without passwords. the very essence of linux
> security is let down.
I think that your idea of passwordless accounts was different than the
implementation of passwordless accounts in Ubuntu. I hope my explanation
helped!
I'm marking this bug as invalid, as the behavior works as-expected.
Tyler
** Changed in: gnome-control-center (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to gnome-control-center in Ubuntu.
https://bugs.launchpad.net/bugs/1001562
Title:
log in password is not asked
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/1001562/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
