Bug 10416

This is always like that: userdrake shows 5 dots for your password by default, regardless of whether you have no password, a password of 20 characters, or something else. Also, regardless of whether the password is strong or not, you'll see a little red shield as if it isn't.

So what is shown doesn't reveal anything about the real password, neither its strength not its length.

Can you login with lightdm, providing no password and just pressing enter?

Keywords: (none) => NEEDINFO
CC: (none) => marja11

(In reply to Marja van Waes from comment #1)
> This is always like that: userdrake shows 5 dots for your password by
> default, regardless of whether you have no password, a password of 20
> characters, or something else. ...

Thanks for the details. Perhaps there is a security or another valid explanation why it was implemented like that (with 5 dots by default and undocumented), otherwise it would have been less confusing to leave those fields empty (with no dots inside) in case no password has been set. Hovewer, it's fine by me whether the decision would be to keep the things how there are now, in which case you might want either to adjust the bug description for the lightdm or to close this bug because it seems that the lightdm problem is an unrelated issue.

> Can you login with lightdm, providing no password and just pressing enter?

No, it just say "Incorrect password, please try again" whatever I do.
There is a change, Jani Välimaa submitted 'lightdm-gtk-greeter-1.6.0-1.mga4' (new version) about 6 hours ago.

With this change, there is a choice to make (which wasn't before):

[root@localhost bogdan]# urpmi lightdm
In order to satisfy the 'lightdm-greeter' dependency, one of the following packages is needed:
 1- lightdm-gtk3-greeter-1.6.0-1.mga4.x86_64: The Light Display Manager (GTK3 greeter) (to install)
 2- lightdm-gtk2-greeter-1.6.0-1.mga4.x86_64: The Light Display Manager (GTK2 greeter) (to install)
 3- lightdm-another-gtk-greeter-1.0.3-1.mga4.x86_64: Yet another GTK+ greeter for LightDM (to install)
 4- lightdm-razorqt-greeter-0.5.2-2.mga4.x86_64: LightDM greeter that uses the Razor-qt (Qt based) lib kit (to install)
 5- lightdm-kde-greeter-0.3.2-2.mga4.x86_64: The Light Display Manager (KDE greeter) (to install)
What is your choice? (1-5)

I tried 1st choice, removed all lightdm stuff and did another attempt with the 3rd choice without success (same bad result as with the 1st choice, still complaining about the incorrect password).
With this new 'lightdm-gtk-greeter-1.6.0-1.mga4' things are even worse because whatever change I make in lightdm screen (switch between my user and xguest, switch between available desktop environments, etc.) lightdm just restart itself and doesn't accept any change. That part of functionality worked before (that was yesterday), now everything seems broken.
It might be a work in progress here and things will settle after few days ...

Keywords: NEEDINFO => (none)

@ Bogdan

Thx for all the additional information.

Assigning to wally (Jani)

@ Jani

Sorry, I do not have time to try to reproduce the issue.

Assignee: bugsquad => jani.valimaa
Summary: Despite setting user without password at installation, user appears to have a password in userdrake => lightdm doesn't allow to login with an empty password
Source RPM: (none) => lightdm

Only thing I can reproduce is this 'can't login with empty passwd'. Gtk2, gtk3, another-gtk and razor greeters works OK with two test users (with passwd) and Xfce.

Which DE are you using? Could you attach /var/log/lightdm/lightdm.log and /var/log/lightdm/x-0-greeter.log?

BTW, it's possible to have more than one greeter installed. Used greeter can be changed with cmd 'update-alternatives --config lightdm-greeter' as root.

One more thing, it's possible to use autologin with lightdm. Just edit /etc/lightdm/lightdm.conf and search with string autologin.

Autologin doesn't fix your real issue, but it's nice to know it's possible to login without any user interaction with lightdm too.

Lightdm is relying pam_unix when checking passwd.

man pam_unix says:
The authentication component performs the task of checking the users credentials (password). The default action of this module is to not permit the user access to a service if their official password is blank.

However it's possible to override it with nullok option.
man pam_unix says about nullok:
The default action of this module is to not permit the user access to a service if their official password is blank. The nullok argument overrides this default.

So, you can change the default behavior to allow logins with empty passwd by editing /etc/pam.d/lightdm. Search line starting with 'auth required pam_unix.so' and add 'nullok' at the end of this line.

Be aware that currently your changes are going to be overwritten when lightdm is updated next time. I guess I'll change lightdm pkg'ing such way that one can alter the default config and changes aren't overwritten.

Created attachment 4105 [details]
files from /var/log/lightdm

(In reply to Jani Välimaa from comment #4)
> Only thing I can reproduce is this 'can't login with empty passwd'.

Well, it's working fine now for me also (I mean, except login without password all the other options seems to work). I have no explanation why it didn't work at all yesterday ...

> BTW, it's possible to have more than one greeter installed. Used greeter can
> be changed with cmd 'update-alternatives --config lightdm-greeter' as root.

Thanks for the tip, however I think I will confine to just one :)
With "urpmi --test lightdm" and choosing 'lightdm-gtk3-greeter' only these will be installed. That is what I did (without --test), so I had only one greeter installed every time I tried.

 Package                        Version      Release       Arch    
(medium "Core Release")
  lib64lightdm-gobject1_0        1.7.0        3.mga4        x86_64  
  lightdm                        1.7.0        3.mga4        x86_64  
  lightdm-gtk-greeter-common     1.6.0        1.mga4        x86_64  
  lightdm-gtk3-greeter           1.6.0        1.mga4        x86_64  
605KB of additional disk space will be used.

--
The requested files (did a chmod 764 on them) were attached in Comment 7.
I use GNOME (without autologin). Unfortunately GNOME suffers from Bug 3368 (user without password cannot select desktop) so I hope that lightdm will not have a somewhat similar problem.
For autologin setup I prefer to use the Mageia tools (MCC/Boot/Set up autologin to automatically log in), currently it is set to "No" (without autologin). Next to it is also the option 'Set up display manager' which I used to switch between GDM and lightdm.

I will try your suggestion with /etc/pam.d/lightdm, but now I'm quite busy so I postpone it for the weekend. Thanks a lot for your fast support.

(In reply to Bogdan Gruescu from comment #8)
> 
> I will try your suggestion with /etc/pam.d/lightdm, but now I'm quite busy
> so I postpone it for the weekend. Thanks a lot for your fast support.

Actually I pushed those changes to new lightdm. All you need to do is update to lightdm-1.7.0-4.mga4 and login without passwd should work.

Glad it won't be necessary ... indeed, it works perfectly with 'lightdm-1.7.0-4.mga4', thanks. Marking the bug as fixed.

Status: NEW => RESOLVED
Resolution: (none) => FIXED