After we upgraded our CentOS 7.0 desktops to CentOS 7.1, a critical error in the graphical login screen has appeared on all 7.1 machines:
We have 100+ users defined in /etc/passwd, and a list of names is presented on the initial login screen. However, it's impossible to scroll up or down in this user list to select the desired user. The middle mouse button seems to be disabled, so scrolling has become impossible! One can use the left and right mouse buttons to select one of the users in view, but no one else.
This seems definitely to be a critical bug in CentOS 7.1.
Workarounds:
1. Log in non-graphically using Ctrl-Alt-F2, then run the command startx.
2. Trim down /etc/passwd to 1 (or a few) relevant users.
On 2015-04-09, Ole Holm Nielsen Ole.H.Nielsen@fysik.dtu.dk wrote:
After we upgraded our CentOS 7.0 desktops to CentOS 7.1, a critical error in the graphical login screen has appeared on all 7.1 machines:
We have 100+ users defined in /etc/passwd, and a list of names is presented on the initial login screen. However, it's impossible to scroll up or down in this user list to select the desired user. The middle mouse button seems to be disabled, so scrolling has become impossible! One can use the left and right mouse buttons to select one of the users in view, but no one else.
This seems definitely to be a critical bug in CentOS 7.1.
Workarounds:
- Log in non-graphically using Ctrl-Alt-F2, then run the command
startx.
- Trim down /etc/passwd to 1 (or a few) relevant users.
3. Disable the user list: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
- Disable the user list:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
I mentioned two other workarounds myself. I prefer to wait for the upstream bug to be solved: https://bugzilla.redhat.com/show_bug.cgi?id=1184802
/Ole
Liam O'Toole wrote:
On 2015-04-09, Ole Holm Nielsen Ole.H.Nielsen@fysik.dtu.dk wrote:
After we upgraded our CentOS 7.0 desktops to CentOS 7.1, a critical error in the graphical login screen has appeared on all 7.1 machines:
We have 100+ users defined in /etc/passwd, and a list of names is presented on the initial login screen. However, it's impossible to scroll up or down in this user list to select the desired user. The middle mouse button seems to be disabled, so scrolling has become impossible! One can use the left and right mouse buttons to select one of the users in view, but no one else.
This seems definitely to be a critical bug in CentOS 7.1.
<snip> Isn't there a way to open a box for "other user"?
- Disable the user list:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
This, in fact, *is* the correct answer. That it's enabled is bad.
1. Security. Having the username, which someone being nasty wants to break into, but doesn't know it, this is just that much easier. 2. You have over 100 users. That's annoying to scroll through. Certainly, each user *ought* to know their own username, and it's faster to type it in, than scroll down 5 or so names at a time through 100+. 3. See 1.
mark
Isn't there a way to open a box for "other user"?
- Disable the user list:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
This, in fact, *is* the correct answer. That it's enabled is bad.
- Security. Having the username, which someone being nasty wants to break into, but doesn't know it, this is just that much easier.
- You have over 100 users. That's annoying to scroll through. Certainly, each user *ought* to know their own username, and it's faster to type it in, than scroll down 5 or so names at a time through 100+.
- See 1.
Good point. I never liked the user list anyway. Wonder why the RHEL 7 designers chose to add it?
/Ole
On 04/09/2015 09:51 AM, Ole Holm Nielsen wrote:
Isn't there a way to open a box for "other user"?
- Disable the user list:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
This, in fact, *is* the correct answer. That it's enabled is bad.
- Security. Having the username, which someone being nasty wants to break into, but doesn't know it, this is just that much easier.
- You have over 100 users. That's annoying to scroll through. Certainly, each user *ought* to know their own username, and it's faster to type it in, than scroll down 5 or so names at a time through 100+.
- See 1.
Good point. I never liked the user list anyway. Wonder why the RHEL 7 designers chose to add it?
Likely because it is in Fedora and they did not take it out, and it is likely the default from the GNOME project as well.
To each, their own preference.
On Thu, Apr 9, 2015 at 8:09 AM, Johnny Hughes johnny@centos.org wrote:
On 04/09/2015 09:51 AM, Ole Holm Nielsen wrote:
Good point. I never liked the user list anyway. Wonder why the RHEL 7 designers chose to add it?
Likely because it is in Fedora and they did not take it out, and it is likely the default from the GNOME project as well.
A request to disable the user list filed against RHEL-6 was 'denied':
https://bugzilla.redhat.com/show_bug.cgi?id=666220
So, it's not going to change...
Akemi
On Thu, Apr 9, 2015 at 10:28 AM, Akemi Yagi amyagi@gmail.com wrote:
On Thu, Apr 9, 2015 at 8:09 AM, Johnny Hughes johnny@centos.org wrote:
On 04/09/2015 09:51 AM, Ole Holm Nielsen wrote:
Good point. I never liked the user list anyway. Wonder why the RHEL 7 designers chose to add it?
Likely because it is in Fedora and they did not take it out, and it is likely the default from the GNOME project as well.
A request to disable the user list filed against RHEL-6 was 'denied':
https://bugzilla.redhat.com/show_bug.cgi?id=666220
So, it's not going to change...
Kind of crazy that the reason fixing it was denied was that they wouldn't change behavior mid-revision in 6.x. And now it is still not fixed in 7.x, and a mid-rev change actually breaks things even more.
On 04/09/2015 11:09 AM, Johnny Hughes wrote:
On 04/09/2015 09:51 AM, Ole Holm Nielsen wrote:
Isn't there a way to open a box for "other user"?
Good point. I never liked the user list anyway. Wonder why the RHEL 7 designers chose to add it?
Likely because it is in Fedora and they did not take it out, and it is likely the default from the GNOME project as well.
To each, their own preference.
frankly, this blows my mind. not long ago there was a huge kerfuffle over the change to only allow (as someone defined it 'secure') certain passwords, requiring numbers, special characters, some minimum length and that -had to be done- because people didn't use proper passwords and couldn't be trusted to just use what was appropriate/correct for their environment.
now a completely reverse the position, plain text showing user names to the world (which has always been considered to be poor security at best) is just 'yeah, whatever you feel like doing. go ahead.'
On Thu, Apr 09, 2015 at 10:23:19AM -0400, m.roth@5-cent.us wrote:
- Disable the user list:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
This, in fact, *is* the correct answer. That it's enabled is bad.
- Security. Having the username, which someone being nasty wants to break into, but doesn't know it, this is just that much easier.
- You have over 100 users. That's annoying to scroll through. Certainly, each user *ought* to know their own username, and it's faster to type it in, than scroll down 5 or so names at a time through 100+.
- See 1.
Pretty sure that Alan filed a bug against RH with this, but, as RH seems to do these days when sysadmins complain about Fedora-isms, it was probably ignored.
Merrily trolling,
On Thu, Apr 9, 2015 at 8:13 AM, Scott Robbins scottro@nyc.rr.com wrote:
On Thu, Apr 09, 2015 at 10:23:19AM -0400, m.roth@5-cent.us wrote:
- Disable the user list:
Pretty sure that Alan filed a bug against RH with this, but, as RH seems to do these days when sysadmins complain about Fedora-isms, it was probably ignored.
Merrily trolling,
If trolling, you should have quoted my blog:
http://blog.toracat.org/2011/01/gnome-login-shows-all-valid-user-accounts-di... (shameless advertisement)
Akemi ;-)
On Thu, Apr 09, 2015 at 08:32:01AM -0700, Akemi Yagi wrote:
On Thu, Apr 9, 2015 at 8:13 AM, Scott Robbins scottro@nyc.rr.com wrote:
On Thu, Apr 09, 2015 at 10:23:19AM -0400, m.roth@5-cent.us wrote:
- Disable the user list:
Pretty sure that Alan filed a bug against RH with this, but, as RH seems to do these days when sysadmins complain about Fedora-isms, it was probably ignored.
Merrily trolling,
If trolling, you should have quoted my blog:
http://blog.toracat.org/2011/01/gnome-login-shows-all-valid-user-accounts-di... (shameless advertisement)
I was showing my post to people at work, so I'll make sure they see it. :)
Akemi Yagi wrote:
On Thu, Apr 9, 2015 at 8:13 AM, Scott Robbins scottro@nyc.rr.com wrote:
On Thu, Apr 09, 2015 at 10:23:19AM -0400, m.roth@5-cent.us wrote:
- Disable the user list:
Pretty sure that Alan filed a bug against RH with this, but, as RH seems to do these days when sysadmins complain about Fedora-isms, it was
probably
ignored.
Merrily trolling,
If trolling, you should have quoted my blog:
http://blog.toracat.org/2011/01/gnome-login-shows-all-valid-user-accounts-di... (shameless advertisement)
And you mentioned that it had been filed as a bug, and denied... and it strikes me that's the real issue, here: fedora devel *is* primarily oriented, IMO, towards individual users' systems, while I would have thought that when upstream brings it into a upstream release, they *should* be making changes so that it's appropriate for an enterprise....
mark
Aside from the annoyance of having all local users listed on the login screen we have noticed with CentOS7 using NIS and NFS home directories that once a user authenticates their home directory is automatically mounted on boot, even after rebooting and disabling the list using
echo "[org/gnome/login-screen] disable-user-list=true" > /etc/dconf/db/gdm.d/01-local-settings && dconf update
is this a separate issue with our NFS server or is this related to the userlist?
thanks
Michael
On 09/04/15 15:23, m.roth@5-cent.us wrote:
Liam O'Toole wrote:
On 2015-04-09, Ole Holm Nielsen Ole.H.Nielsen@fysik.dtu.dk wrote:
After we upgraded our CentOS 7.0 desktops to CentOS 7.1, a critical error in the graphical login screen has appeared on all 7.1 machines:
We have 100+ users defined in /etc/passwd, and a list of names is presented on the initial login screen. However, it's impossible to scroll up or down in this user list to select the desired user. The middle mouse button seems to be disabled, so scrolling has become impossible! One can use the left and right mouse buttons to select one of the users in view, but no one else.
This seems definitely to be a critical bug in CentOS 7.1.
<snip> Isn't there a way to open a box for "other user"?
- Disable the user list:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
This, in fact, *is* the correct answer. That it's enabled is bad.
Security. Having the username, which someone being nasty wants to break into, but doesn't know it, this is just that much easier.
You have over 100 users. That's annoying to scroll through. Certainly, each user *ought* to know their own username, and it's faster to type it in, than scroll down 5 or so names at a time through 100+.
See 1.
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Can you use the page-down and arrow keys to navigate the list? Which Display Manager ( [kxg]dm ) are you using? Try a different one if the keyboard navigation does not work.
On 04/09/2015 09:17 AM, Ole Holm Nielsen wrote:
After we upgraded our CentOS 7.0 desktops to CentOS 7.1, a critical error in the graphical login screen has appeared on all 7.1 machines:
We have 100+ users defined in /etc/passwd, and a list of names is presented on the initial login screen. However, it's impossible to scroll up or down in this user list to select the desired user. The middle mouse button seems to be disabled, so scrolling has become impossible! One can use the left and right mouse buttons to select one of the users in view, but no one else.
This seems definitely to be a critical bug in CentOS 7.1.
Workarounds:
Log in non-graphically using Ctrl-Alt-F2, then run the command startx.
Trim down /etc/passwd to 1 (or a few) relevant users.
--
David P. Both, RHCE Millennium Technology Consulting LLC Raleigh, NC, USA 919-389-8678
dboth@millennium-technology.com
www.millennium-technology.com www.databook.bz - Home of the DataBook for Linux DataBook is a Registered Trademark of David Both
This communication may be unlawfully collected and stored by the National Security Agency (NSA) in secret. The parties to this email do not consent to the retrieving or storing of this communication and any related metadata, as well as printing, copying, re-transmitting, disseminating, or otherwise using it. If you believe you have received this communication in error, please delete it immediately.
Can you use the page-down and arrow keys to navigate the list? Which Display Manager ( [kxg]dm ) are you using? Try a different one if the keyboard navigation does not work.
No, page up/down and arrows don't work either.
Display Manager: Whatever comes with CentOS 7.1 (cannot be changed at the login screen).
Johnny Hughes informed us that an upstream bug has been reported: https://bugzilla.redhat.com/show_bug.cgi?id=1184802
/Ole
On 04/09/2015 08:17 AM, Ole Holm Nielsen wrote:
After we upgraded our CentOS 7.0 desktops to CentOS 7.1, a critical error in the graphical login screen has appeared on all 7.1 machines:
We have 100+ users defined in /etc/passwd, and a list of names is presented on the initial login screen. However, it's impossible to scroll up or down in this user list to select the desired user. The middle mouse button seems to be disabled, so scrolling has become impossible! One can use the left and right mouse buttons to select one of the users in view, but no one else.
This seems definitely to be a critical bug in CentOS 7.1.
Workarounds:
Log in non-graphically using Ctrl-Alt-F2, then run the command startx.
Trim down /etc/passwd to 1 (or a few) relevant users.
This is an upstream bug:
This is an upstream bug:
Great, thanks for the info! Now we just need a bug fix :-)
/Ole
-
Akemi Yagi -
David Both -
Johnny Hughes -
Les Mikesell -
Liam O'Toole -
m.roth@5-cent.us -
Michael Horne -
Ole Holm Nielsen -
Scott Robbins -
zep