group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #05905
[Bug 1460649] Re: Can't unlock screen with last day password (before expired)
** Also affects: unity (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1460649
Title:
Can't unlock screen with last day password (before expired)
Status in unity package in Ubuntu:
Fix Released
Status in unity source package in Xenial:
Fix Committed
Bug description:
[Impact]
When I login with last day password, all ok. But when I locked screen, I can't unlock it, receive error «Invalid password, please try again».
I think, this bug more globally — «unity-panel-service --lockscreen-mode» does not have function for changing user password.
[Test case]
How to reproduce:
You need working LDAP-server and Ubuntu with LDAP client. My client,
Ubuntu 14.04:
cat <<EOF |
ldap-auth-config ldap-auth-config/dblogin boolean false
ldap-auth-config ldap-auth-config/dbrootlogin boolean false
ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://ldap/
ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3
ldap-auth-config ldap-auth-config/move-to-debconf boolean true
ldap-auth-config ldap-auth-config/ldapns/base-dn string dc=example,dc=com
nslcd nslcd/ldap-base string dc=example,dc=com
nslcd nslcd/ldap-uris string ldap://ldap/
libnss-ldapd libnss-ldapd/nsswitch multiselect group, passwd, shadow
EOF
debconf_answers_ldap.dat
sudo debconf-set-selections debconf_answers_ldap.dat
sudo apt-get install libnss-ldapd libpam-ldap nss-updatedb libnss-db libpam-ccreds nscd libpam-cracklib
And create file /usr/share/pam-configs/mkhomedir:
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
required pam_mkhomedir.so umask=0022 skel=/etc/skel
Then run:
sudo pam-auth-update
Count todays number:
echo $(($(date --utc --date "$1" +%s)/86400))
For example, 16587.
In LDAP, add user account with attribute shadowMax=10 and shadowLastChange=16577.
Try to login in Ubuntu. All ok. No errors, no messages.
Now lock the screen (Ctrl+Alt+L).
Try to unlock screen — you can't. You see error «Invalid password, please try again».
Workaround:
Login to guest account and change user to myself.
[Regression potential]
Lock might fail
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1460649/+subscriptions