← Back to team overview

epoptes team mailing list archive

[Bug 1338051] Re: Epoptes does not honor group membership granted on per-session basis via pam_group


Hello and thanks for your bug report!

It seems that the grp python module wasn't compatible with pam_group.
Now instead of checking if a user is member of the epoptes group, we
just try to read/connect to the socket and if we fail we then show an
error message.

It would be great if you could test from the trunk though. (The only
file you need to replace is /usr/bin/epoptes)

Thank you!

** Changed in: epoptes
   Importance: Undecided => Medium

** Changed in: epoptes
       Status: Confirmed => Fix Committed

You received this bug notification because you are a member of Epoptes
Developers, which is subscribed to Epoptes.

  Epoptes does not honor group membership granted on per-session basis
  via pam_group

Status in Epoptes:
  Fix Committed

Bug description:
  pam_group is a pam module that grants group membership to users on a per-session basis (http://www.linux-pam.org/Linux-PAM-html/sag-pam_group.html).
  We would like to use it to grant access to epoptes for many users. However, epoptes does not honor this group membership. It seems, epoptes does not check for groups granted by pam_group, just those defined locally in /etc/groups.

  See attached screenshot: As seen from the output of "groups", user "kup" is clearly a member of group "epoptes". However, epoptes complains that he is not, and refuses to start.
  Group membership to "epoptes" was granted to "kup" by pam_groups. Other users listed in /etc/groups can start epoptes.

  This seems to be a bug in the way epoptes checks for group membership.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: epoptes (not installed)
  ProcVersionSignature: Ubuntu 3.13.0-30.54-generic
  Uname: Linux 3.13.0-30-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.14.1-0ubuntu3.2
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Sat Jul  5 13:38:26 2014
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2012-12-20 (561 days ago)
  InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
  SourcePackage: epoptes
  UpgradeStatus: Upgraded to trusty on 2014-04-18 (78 days ago)

To manage notifications about this bug go to: