Bug#588380: marked as done (xdm: entering empty username logs in as "nobody")

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 7 Jul 2010 23:09:33 +0100
with message-id <20100707220932.GI3186@radis.liafa.jussieu.fr>
and subject line Re: Bug#588380: xdm: entering empty username logs in as "nobody"
has caused the Debian Bug report #588380,
regarding xdm: entering empty username logs in as "nobody"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
588380: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588380
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: xdm: entering empty username logs in as "nobody"
• From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
• Date: Thu, 08 Jul 2010 00:05:10 +0300
• Message-id: <[🔎] 84pqyzvw8p.fsf@sauna.l.org>

Package: xdm
Version: 1:1.1.10-3
Severity: normal

Steps to reproduce:
1) cat > /etc/pam.d/xdm << EOF
# $Id: xdm.pam 189 2005-06-11 00:04:27Z branden $

# lindi:
#@include common-auth
auth            required        pam_permit.so
# /lindi
@include common-account
@include common-session
@include common-password

auth            requisite       pam_nologin.so
auth            required        pam_env.so
auth            required        pam_env.so envfile=/etc/default/locale
session         required        pam_limits.so
2) hit enter to xdm login prompt

Expected results:
2) xdm complains that empty username is not valid

Actual results:
2) xdm lets me login as "nobody".

More info:
1) If this is not a bug, then please at least document it.

$ dpkg -L xdm|xargs grep nobod
/etc/X11/xdm/xdm-config:DisplayManager.willing:         su nobody -c /etc/X11/xdm/Xwilling

finds no mention of the nobody user having anything to do with xdm.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: armel (armv4tl)

Kernel: Linux 2.6.32om-gta02-2.6.32-a9254be10ac2294ea20165a87c09ea6av20
Locale: LANG=C, LC_CTYPE=fi_FI (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash

Versions of packages xdm depends on:
ii  cpp                           4:4.4.4-2  The GNU C preprocessor (cpp)
ii  debconf [debconf-2.0]         1.5.32     Debian configuration management sy
ii  libc6                         2.11.2-2   Embedded GNU C Library: Shared lib
ii  libpam0g                      1.1.1-3    Pluggable Authentication Modules l
ii  libselinux1                   2.0.94-1   SELinux runtime shared libraries
ii  libx11-6                      2:1.3.3-3  X11 client-side library
ii  libxau6                       1:1.0.5-2  X11 authorisation library
ii  libxaw7                       2:1.0.7-1  X11 Athena Widget library
ii  libxdmcp6                     1:1.0.3-2  X11 Display Manager Control Protoc
ii  libxext6                      2:1.1.1-3  X11 miscellaneous extension librar
ii  libxft2                       2.1.14-2   FreeType-based font drawing librar
ii  libxinerama1                  2:1.1-3    X11 Xinerama extension library
ii  libxmu6                       2:1.0.5-1  X11 miscellaneous utility library
ii  libxpm4                       1:3.5.8-1  X11 pixmap library
ii  libxrender1                   1:0.9.5-2  X Rendering Extension client libra
ii  libxt6                        1:1.0.7-1  X11 toolkit intrinsics library
ii  lsb-base                      3.2-23.1   Linux Standard Base 3.2 init scrip
ii  procps                        1:3.2.8-9  /proc file system utilities
ii  x11-common                    1:7.5+6    X Window System (X.Org) infrastruc
ii  x11-utils                     7.5+4      X11 utilities
ii  x11-xserver-utils             7.5+1      X server utilities

xdm recommends no packages.

xdm suggests no packages.

-- Configuration Files:
/etc/X11/xdm/Xresources changed:
! $Xorg: Xresources,v 1.3 2000/08/17 19:54:17 cpqbld Exp $
!
!
!
!
! $XFree86: xc/programs/xdm/config/Xres.cpp,v 1.6 2003/01/04 03:11:31 dawes Exp $
!
Xcursor.theme: whiteglass
xlogin*login.translations: #override \
	Ctrl<Key>R: abort-display()\n\
	<Key>F1: set-session-argument(failsafe) finish-field()\n\
	<Key>Delete: delete-character()\n\
	<Key>Left: move-backward-character()\n\
	<Key>Right: move-forward-character()\n\
	<Key>Home: move-to-begining()\n\
	<Key>End: move-to-end()\n\
	Ctrl<Key>KP_Enter: set-session-argument(failsafe) finish-field()\n\
	<Key>KP_Enter: set-session-argument() finish-field()\n\
	Ctrl<Key>Return: set-session-argument(failsafe) finish-field()\n\
	<Key>Return: set-session-argument() finish-field()
xlogin*greeting: Welcome to CLIENTHOST
xlogin*namePrompt: \040\040\040\040\040\040\040Login:
xlogin*fail: Login incorrect
xlogin*greetFont: -adobe-helvetica-bold-o-normal--24-240-75-75-p-138-iso8859-1
xlogin*font: -adobe-helvetica-medium-r-normal--18-180-75-75-p-98-iso8859-1
xlogin*promptFont: -adobe-helvetica-bold-r-normal--18-180-75-75-p-103-iso8859-1
xlogin*failFont: -adobe-helvetica-bold-r-normal--18-180-75-75-p-103-iso8859-1
xlogin*greetFace:	Serif-24:bold:italic
xlogin*face: 		Helvetica-18
xlogin*promptFace: 	Helvetica-18:bold
xlogin*failFace: 	Helvetica-18:bold
xlogin*greetFont: -adobe-helvetica-bold-o-normal--17-120-100-100-p-92-iso8859-1
xlogin*font: -adobe-helvetica-medium-r-normal--12-120-75-75-p-67-iso8859-1
xlogin*promptFont: -adobe-helvetica-bold-r-normal--12-120-75-75-p-70-iso8859-1
xlogin*failFont: -adobe-helvetica-bold-o-normal--14-140-75-75-p-82-iso8859-1
xlogin*greetFace:	Serif-18:bold:italic
xlogin*face:		Helvetica-12
xlogin*promptFace:	Helvetica-12:bold
xlogin*failFace:	Helvetica-14:bold
xlogin*borderWidth: 1
xlogin*frameWidth: 5
xlogin*innerFramesWidth: 2
xlogin*shdColor: grey30
xlogin*hiColor: grey90
xlogin*background: grey
!xlogin*foreground: darkgreen
xlogin*greetColor: Blue3
xlogin*failColor: red
*Foreground: black
*Background: #fffff0
xlogin*borderWidth: 3
xlogin*frameWidth: 0
xlogin*innerFramesWidth: 1
xlogin*shdColor: black
xlogin*hiColor: black
!xlogin*logoFileName: /usr/share/X11/xdm/pixmaps/debian.xpm
!xlogin*logoFileName: /usr/share/X11/xdm/pixmaps/debianbw.xpm
xlogin*useShape: true
xlogin*logoPadding: 10
XConsole.text.geometry:	480x130
XConsole.verbose:	true
XConsole*iconic:	true
XConsole*font:		fixed
Chooser*geometry:		700x500+300+200
Chooser*allowShellResize:	false
Chooser*viewport.forceBars:	true
Chooser*label.font:		*-new century schoolbook-bold-i-normal-*-240-*
Chooser*label.label:		XDMCP Host Menu from CLIENTHOST
Chooser*list.font:		-*-*-medium-r-normal-*-*-230-*-*-c-*-iso8859-1
Chooser*Command.font:		*-new century schoolbook-bold-r-normal-*-180-*

/etc/X11/xdm/Xsetup changed:
xsetroot -solid black
killall xvkbd
xrdb -merge /etc/X11/xdm/xvkbd-xdm.resources
dim="`xdpyinfo | grep dimensions: | awk '{print $2}'`"
case "$dim" in
    640x480)
	xvkbd -no-repeat -no-keypad -no-functionkey -xdm -geometry 480x230+80+220 -xsendevent &
	;;
    *) # 480x640
	xvkbd -no-repeat -no-keypad -no-functionkey -xdm -geometry 480x230+0+380 -xsendevent &
	;;
esac

/etc/X11/xdm/Xstartup changed:
PATH="$PATH:/usr/bin/X11"
killall xvkbd
if [ -e /etc/nologin ]; then
  # always display the nologin message, if possible
  if [ -s /etc/nologin ] && which xmessage > /dev/null 2>&1; then
    xmessage -file /etc/nologin -geometry 640x480
  fi
  if [ "$(id -u)" != "0" ] && \
     ! grep -qs '^ignore-nologin' /etc/X11/xdm/xdm.options; then
    exit 1
  fi
fi
if grep -qs '^use-sessreg' /etc/X11/xdm/xdm.options \
  && which sessreg >/dev/null 2>&1; then
    exec sessreg -a -l "$DISPLAY" -u /var/run/utmp \
                 -x /etc/X11/xdm/Xservers "$USER"
  # NOTREACHED
fi
exit 0

/etc/pam.d/xdm changed:
auth            required        pam_permit.so
@include common-account
@include common-session
@include common-password
auth		requisite	pam_nologin.so
auth		required	pam_env.so
auth		required	pam_env.so envfile=/etc/default/locale
session		required	pam_limits.so


-- debconf information:
  xdm/stop_running_server_with_children: false
  xdm/daemon_name: /usr/bin/xdm
* shared/default-x-display-manager: xdm

--- End Message ---

--- Begin Message ---

• To: Timo Juhani Lindfors <timo.lindfors@iki.fi>, 588380-done@bugs.debian.org
• Subject: Re: Bug#588380: xdm: entering empty username logs in as "nobody"
• From: Julien Cristau <jcristau@debian.org>
• Date: Wed, 7 Jul 2010 23:09:33 +0100
• Message-id: <20100707220932.GI3186@radis.liafa.jussieu.fr>
• In-reply-to: <[🔎] 84pqyzvw8p.fsf@sauna.l.org>
• References: <[🔎] 84pqyzvw8p.fsf@sauna.l.org>

On Thu, Jul  8, 2010 at 00:05:10 +0300, Timo Juhani Lindfors wrote:

> Package: xdm
> Version: 1:1.1.10-3
> Severity: normal
> 
> Steps to reproduce:
> 1) cat > /etc/pam.d/xdm << EOF
> # $Id: xdm.pam 189 2005-06-11 00:04:27Z branden $
> 
> # lindi:
> #@include common-auth
> auth            required        pam_permit.so
> # /lindi
> @include common-account
> @include common-session
> @include common-password
> 
> auth            requisite       pam_nologin.so
> auth            required        pam_env.so
> auth            required        pam_env.so envfile=/etc/default/locale
> session         required        pam_limits.so
> 2) hit enter to xdm login prompt
> 
> Expected results:
> 2) xdm complains that empty username is not valid
> 
> Actual results:
> 2) xdm lets me login as "nobody".
> 
> More info:
> 1) If this is not a bug, then please at least document it.
> 
> $ dpkg -L xdm|xargs grep nobod
> /etc/X11/xdm/xdm-config:DisplayManager.willing:         su nobody -c /etc/X11/xdm/Xwilling
> 
> finds no mention of the nobody user having anything to do with xdm.
> 
This seems to be documented in pam_permit(8).  Closing.

Cheers,
Julien

Attachment: signature.asc
Description: Digital signature

--- End Message ---