passwd and group entries are not removed on logout from a guest session

Bug #1556516 reported by Jeff Norden
This bug affects 1 person
Affects: lightdm (Ubuntu)
Status: Fix Released
Importance: Low
Assigned to: Gunnar Hjalmarsson

Bug Description

When a guest session is finished, the guest-xxxx entries don't get removed from /etc/passwd and /etc/group (at least they don't always get removed). The problem is that the userdel command in the /usr/sbin/guest-account script fails because some of the guest processes are not yet dead at the time that it runs. An earlier line in the script uses loginctl to tell systemd to kill the guest's processes, but this isn't completed by the time that userdel runs.

The simplest fix is to just call userdel with the --force flag, so that it removes the password and group entries even if the processes are still there. This doesn't cause any problems. The lingering guest-xxxx processes are gone by the time you log in as a regular user.

A trivial patch file for /usr/sbin/guest-account is attached. Also, the 2008 copyright at the top of the file should really be updated! I don't think that loginctl existed in 2008 (ah, the good ole days :)

Here is the tail of some debugging output that I obtained by modifying /usr/sbin/guest-account so that I could see what was going on. This confirms the behavior that I mentioned above.

+ GUEST_HOME=/tmp/guest-8iwujo
+ [ -x /bin/loginctl ]
+ loginctl kill-user guest-8iwujo
+ [ /tmp/guest-8iwujo = guest-8iwujo ]
+ umount /tmp/guest-8iwujo
umount: /tmp/guest-8iwujo: target is busy
        (In some cases useful info about processes that
         use the device is found by lsof(8) or fuser(1).)
+ umount -l /tmp/guest-8iwujo
+ umount /tmp/guest-8iwujo
umount: /tmp/guest-8iwujo: not mounted
+ umount -l /tmp/guest-8iwujo
umount: /tmp/guest-8iwujo: not mounted
+ true
+ umount /tmp/guest-8iwujo
umount: /tmp/guest-8iwujo: not mounted
+ umount -l /tmp/guest-8iwujo
umount: /tmp/guest-8iwujo: not mounted
+ true
+ rm -rf /tmp/guest-8iwujo
+ xargs -0 rm -rf
+ find /tmp -mindepth 1 -maxdepth 1 -uid 999 -print0
+ [ -d /run/media/guest-8iwujo ]
+ [ -d /media/guest-8iwujo ]
+ ps -lww -u guest-8iwujo
F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD
0 S 999 7128 1 0 80 0 - 88460 poll_s ? 00:00:00 at-spi-bus-laun
0 R 999 7214 1 0 80 0 - 162593 - ? 00:00:00 nm-applet
0 R 999 7222 1 1 80 0 - 138676 - ? 00:00:00 tilda
+ userdel guest-8iwujo
userdel: user guest-8iwujo is currently used by process 7128

Tags: patch
Jeff Norden (norden-jeff) wrote :

Attached is the wrapper that I used to capture the output of the guest account script when it is run from lightdm. Rename this to /usr/sbin/guest-account to use it.

Jeff Norden (norden-jeff) wrote :

Attached is a slightly modified script for use with the wrapper. It shows the lingering processes (if any) before calling userdel. Install along with the wrapper in /usr/sbin to use.

description: updated
Jeff Norden (norden-jeff) wrote :

Another suggestion. It would probably be wise to add "--signal=9" to the loginctl call. This will help prevent any badly-behaved guest processes from hanging around after the guest session ends. I wouldn't recommend going back to the old while loop that uses killall and sleep. It looks like that loop will prevent the guest login from *ever* logging out if the guest manages to create a zombie process. Thinking back on it, I believe that I encountered that behavior in the past.

A revised patch file is attached.

summary: - passwd and group entries are not removed on logout
+ passwd and group entries are not removed on logout from a guest session
Jeff Norden (norden-jeff) wrote :

Additional info: I encountered this bug using the 16.04 beta version of the ubuntu-mate desktop. Looking back at older versions, it doesn't seem to be present in current releases, since it looks like the 15.10 version of the guest-account script doesn't use the loginctl command. I also tried to reproduce it using an install of the 16.04 unity desktop into a virtual-machine, and was *not* able to trigger the bug. I don't know if this is because of the way unity works or because of the timing of using a VM.

affects: lightdm → lightdm (Ubuntu)
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "patch file fix /usr/sbin/guest-account" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Gunnar Hjalmarsson (gunnarhj) wrote :

Thanks, Jeff. Makes sense to me.

Made a merge proposal out of your suggestions, to call the lightdm maintainer's attention to it faster.

Changed in lightdm (Ubuntu):
assignee: nobody → Gunnar Hjalmarsson (gunnarhj)
importance: Undecided → Low
status: New → In Progress
Changed in lightdm:
status: New → Fix Committed
no longer affects: lightdm
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lightdm - 1.18.0-0ubuntu1

---------------
lightdm (1.18.0-0ubuntu1) xenial; urgency=medium

  * New upstream release:
    - Small documentation fixes
  * debian/guest-account.sh:
    - More forcibly remove guest sessions so they don't remain after logout
      (LP: #1556516)

 -- Robert Ancell <email address hidden> Wed, 23 Mar 2016 15:09:54 +1300

Changed in lightdm (Ubuntu):
status: In Progress → Fix Released
Jeff Norden (norden-jeff) wrote :

Great! Thanks for incorporating my suggestion so quickly!

regards,
-Jeff
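
Added example, not part of the bug report and not lightdm's code: a small audit that lists guest-xxxx entries left behind in passwd and group files, the symptom described in this report. The function names, the file arguments and the sample data are assumptions of this example; only the name guest-8iwujo and UID 999 are taken from the debugging output above.

```shell
#!/bin/sh
# Added example: audit for leftover guest-xxxx entries (not lightdm code).

# "name uid" for each guest-* account in a passwd-format file.
guest_accounts() {
    awk -F: '$1 ~ /^guest-[A-Za-z0-9]+$/ { print $1, $3 }' "$1"
}

# Number of non-zombie processes owned by UID $1. Reads "uid stat" pairs on
# stdin, as printed by: ps -e -o uid=,stat=
# Treating zombie-only accounts as stale is a choice made by this example.
live_count() {
    awk -v uid="$1" '$1 == uid && $2 !~ /^Z/ { n++ } END { print n + 0 }'
}

# usage: stale_guests PASSWD_FILE GROUP_FILE PS_SNAPSHOT_FILE
stale_guests() {
    guest_accounts "$1" | while read -r name uid; do
        if [ "$(live_count "$uid" < "$3")" -eq 0 ]; then
            echo "stale passwd entry: $name (uid $uid)"
        fi
    done
    # guest-* groups whose account is already gone from the passwd file
    awk -F: '$1 ~ /^guest-[A-Za-z0-9]+$/ { print $1 }' "$2" |
    while read -r grp; do
        grep -q "^$grp:" "$1" || echo "orphan group entry: $grp"
    done
}

# Constructed sample data; only guest-8iwujo and UID 999 come from the report.
make_sample() {
    d=$(mktemp -d)
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'guest-8iwujo:x:999:999:Guest:/tmp/guest-8iwujo:/bin/bash' \
        'guest-k3x9qa:x:998:998:Guest:/tmp/guest-k3x9qa:/bin/bash' > "$d/passwd"
    printf '%s\n' 'root:x:0:' 'guest-8iwujo:x:999:' 'guest-k3x9qa:x:998:' \
        'guest-p0m2zt:x:997:' > "$d/group"
    # UID 999 still has running processes; UID 998 has only a zombie.
    printf '%s\n' '0 Ss' '999 S' '999 R' '998 Z' > "$d/ps"
    echo "$d"
}

d=$(make_sample)
stale_guests "$d/passwd" "$d/group" "$d/ps"
rm -rf "$d"
```

On a real system the three arguments would be copies of /etc/passwd and /etc/group plus a snapshot written with `ps -e -o uid=,stat=`, taken after the guest has logged out.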
