desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #47442
[Bug 888355] [NEW] users-admin should not allow creation of users with encrypted home who aren't asked for password on login
Public bug reported:
Tested in Ubuntu 11.04 and 11.10. Steps to reproduce:
1) Go to "Users and Groups" (users-admin)
2) Click "Add"
3) Pick any name
4) Check "Encrypt home folder to protect sensitive data"
5) Click "OK"
6) Set any password
7) Check "Don't ask for password on login"
8) Click OK
Expected result: An error is raised at some point, because the user will
not be able to log in.
Actual result: User is created normally. On login, the user is not
prompted for their password, so the login fails. In Ubuntu 11.04, some
cryptic error messages display and the GUI hangs; in Ubuntu 11.10,
you're returned to the login screen. Since the user is not prompted for
their password, the home directory cannot be decrypted, so login will
fail. The two options are contradictory, and it should be impossible to
select both.
It might also be worthwhile if the program responsible for login (gdm?)
detected this conflict and prompted the user for their password,
ignoring the preference not to be prompted. However, the preferences
are still logically contradictory, so the administrator should not be
allowed to select both when creating a user.
Bug #581303 and Bug #577563 are related, but were filed against gdm and
eCryptfs. The problem should still be fixed in users-admin regardless
of whether there's a workaround in gdm.
** Affects: gnome-system-tools (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-system-tools in Ubuntu.
https://bugs.launchpad.net/bugs/888355
Title:
users-admin should not allow creation of users with encrypted home who
aren't asked for password on login
Status in “gnome-system-tools” package in Ubuntu:
New
Bug description:
Tested in Ubuntu 11.04 and 11.10. Steps to reproduce:
1) Go to "Users and Groups" (users-admin)
2) Click "Add"
3) Pick any name
4) Check "Encrypt home folder to protect sensitive data"
5) Click "OK"
6) Set any password
7) Check "Don't ask for password on login"
8) Click OK
Expected result: An error is raised at some point, because the user
will not be able to log in.
Actual result: User is created normally. On login, the user is not
prompted for their password, so the login fails. In Ubuntu 11.04,
some cryptic error messages display and the GUI hangs; in Ubuntu
11.10, you're returned to the login screen. Since the user is not
prompted for their password, the home directory cannot be decrypted,
so login will fail. The two options are contradictory, and it should
be impossible to select both.
It might also be worthwhile if the program responsible for login
(gdm?) detected this conflict and prompted the user for their
password, ignoring the preference not to be prompted. However, the
preferences are still logically contradictory, so the administrator
should not be allowed to select both when creating a user.
Bug #581303 and Bug #577563 are related, but were filed against gdm
and eCryptfs. The problem should still be fixed in users-admin
regardless of whether there's a workaround in gdm.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-system-tools/+bug/888355/+subscriptions
Follow ups
References
