Bug#706753: marked as done (libpam-mklocaluser: Fail to create local user during first login)

To: Petter Reinholdtsen <pere@debian.org>
Subject: Bug#706753: marked as done (libpam-mklocaluser: Fail to create local user during first login)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Thu, 23 May 2013 22:52:13 +0000
Message-id: <[🔎] handler.706753.D706753.136934922617036.ackdone@bugs.debian.org>
References: <E1UfeHo-0003PC-FK@franck.debian.org> <[🔎] 2flsj233t4a.fsf@diskless.uio.no>

Your message dated Thu, 23 May 2013 22:47:04 +0000
with message-id <E1UfeHo-0003PC-FK@franck.debian.org>
and subject line Bug#706753: fixed in libpam-mklocaluser 0.8~deb7u1
has caused the Debian Bug report #706753,
regarding libpam-mklocaluser: Fail to create local user during first login
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
706753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706753
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: libpam-mklocaluser: Fail to create local user during first login
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 04 May 2013 13:02:45 +0200
Message-id: <[🔎] 2flsj233t4a.fsf@diskless.uio.no>

Package:  libpam-mklocaluser
Version:  0.7
Severity: serious
Tags:     patch
User:     debian-edu@lists.debian.org
Usertags: debian-edu

Yesterday it was brought to my attention that the roaming workstation
(aka laptop) profile in Debian Edu did not work in Wheezy.  Its design
is that the first time a user log in when the machine is connected to
the school network, a local user is created for the given user, and that
user can then log in on the laptop also when the machine is outside the
school network.

When trying this with the packages in wheezy, the user is not able to
log in and is thrown out when entering username and password in kdm.

This is the relevant entries in /var/log/auth.log when trying:

May  4 12:59:54 testhost kdm: :0[19878]: pam_unix(kdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost=  user=testuser
May  4 12:59:55 testhost kdm: :0[19878]: pam_sss(kdm:auth): authentication success; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=testuser
May  4 12:59:55 testhost kdm: :0[19878]: pam_unix(kdm:session): session opened for user testuser by (uid=0)
May  4 12:59:55 testhost pam_mklocaluser[19878]: Creating local passwd entry uid=1000(testuser) gid=1000(testuser) gecos='Petter Reinholdtsen' home=/home/testuser
May  4 12:59:55 testhost pam_mklocaluser[19878]: Unexpected exception, should never happen: must be string, not exceptions.AttributeError
May  4 12:59:55 testhost pam_mklocaluser[19878]: pam_ck_connector(kdm:session): nox11 mode, ignoring PAM_TTY :0
May  4 12:59:55 testhost kdm: :0[19878]: pam_unix(kdm:session): session closed for user testuser

I tracked down the cause, and it is triggered by changes to some python
library, possibly the subprocess library.  The following patch solve the
problem:

--- /usr/lib/libpam-mklocaluser/pam-python.py.old   2011-07-26 16:18:23.000000000 +0200
+++ /usr/lib/libpam-mklocaluser/pam-python.py  2013-05-04 12:58:29.595862692 +0200
@@ -16,13 +16,16 @@
 import syslog
 
 def runcmd(pamh, cmd):
-  proc = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE,)
+  proc = subprocess.Popen(cmd, shell=True, \
+                            stdout=subprocess.PIPE, \
+                            stderr=subprocess.PIPE,)
   while proc.poll() == None:
     pass
-  result = proc.communicate(input=None)[0]
-  if result != 0:
-    syslog.syslog("Command %(command)s failed with %(msg)s" % ( cmd, proc.stderr.read()) )
-#  print "output: %s" % output
+  (resultstdout, resultstderr) = proc.communicate(input=None)
+  if proc.returncode != 0:
+    msg = "Command '%s' failed with %s" % ( cmd, resultstderr.strip())
+    syslog.syslog(msg)
+#    print "output: %s" % msg
 
 def check_and_create_localuser(pamh, user):
   # Location of local users

The patch is already in upstream SVN will be included in the next
upstream release soon to be uploaded to unstable.

-- 
Happy hacking
Petter Reinholdtsen

--- End Message ---

--- Begin Message ---

To: 706753-close@bugs.debian.org
Subject: Bug#706753: fixed in libpam-mklocaluser 0.8~deb7u1
From: Petter Reinholdtsen <pere@debian.org>
Date: Thu, 23 May 2013 22:47:04 +0000
Message-id: <E1UfeHo-0003PC-FK@franck.debian.org>

Source: libpam-mklocaluser
Source-Version: 0.8~deb7u1

We believe that the bug you reported is fixed in the latest version of
libpam-mklocaluser, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 706753@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Petter Reinholdtsen <pere@debian.org> (supplier of updated libpam-mklocaluser package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 04 May 2013 08:25:53 +0200
Source: libpam-mklocaluser
Binary: libpam-mklocaluser
Architecture: source all
Version: 0.8~deb7u1
Distribution: wheezy
Urgency: low
Maintainer: Debian Edu Developers <debian-edu@lists.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
Description: 
 libpam-mklocaluser - Configure PAM to create a local user if it do not exist already
Closes: 706753
Changes: 
 libpam-mklocaluser (0.8~deb7u1) wheezy; urgency=low
 .
   * Rewrite runcmd() to work with Python on Wheezy (Closes: #706753).
Checksums-Sha1: 
 68f8893d7c7cc33bc05c548c36fd4a0ede5b2181 1085 libpam-mklocaluser_0.8~deb7u1.dsc
 cc09e6f4207260e88883d2a8d7d11337897307d0 5269 libpam-mklocaluser_0.8~deb7u1.tar.gz
 86dd4966921a01774027f62a66ef6effe37097c3 5700 libpam-mklocaluser_0.8~deb7u1_all.deb
Checksums-Sha256: 
 51de9bb97812ba4d29abaecee2bb24c2e38a51f24f7aba733f2b631ae2fc8c83 1085 libpam-mklocaluser_0.8~deb7u1.dsc
 a921c925007ee562f9d1488fe5863d6661905fc7748107ff11c40da9d25e3604 5269 libpam-mklocaluser_0.8~deb7u1.tar.gz
 22ff8e44a62ee5bfa8ae04f7dd0701895374aa99525740bdc75f3b2d48631186 5700 libpam-mklocaluser_0.8~deb7u1_all.deb
Files: 
 a1e71c154f5d6f014407ec3407299e0a 1085 misc optional libpam-mklocaluser_0.8~deb7u1.dsc
 9ad3d71935f3f61f0e0c303562a20f47 5269 misc optional libpam-mklocaluser_0.8~deb7u1.tar.gz
 ea69c75fb0be07b3ee12e98b6ae6622e 5700 misc optional libpam-mklocaluser_0.8~deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFRnYwM20zMSyow1ykRAhOiAJ0XgHudUhO8kctFBcryHSWfJJ3e5gCg0vpj
8QIDxC5rjXvzhX0/2Rrsdn0=
=/pZR
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

References:
- Bug#706753: libpam-mklocaluser: Fail to create local user during first login
  - From: Petter Reinholdtsen <pere@hungry.com>

Prev by Date: Re: Idea: RDP based demo site for Debian Edu Wheezy
Next by Date: libpam-mklocaluser_0.8~deb7u1_i386.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Previous by thread: Bug#706753: marked as done (libpam-mklocaluser: Fail to create local user during first login)
Next by thread: libpam-mklocaluser_0.8_i386.changes is NEW
Index(es):
- Date
- Thread