You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In my system (Fedora 40 KDE), I attempted to set up the PureFTP server and allow FTP connections to that machine. If I do not want to use my real system users, I can set up one global FTP user and have it cover all the virtual users inside the PureFTP. This global user, however, is a system user with disabled home directory and with disabled login, automatically, the user's ID is chosen as the lowest possible value AFTER other users, which results in the ID in the rank above 1000, being 1001 in my case.
SDDM will still show this user in the login screen, although the real person sitting behind the keyboard cannot use that user to login. This, I believe, should not be happening. This is always reproducible.
Steps to Reproduce
Install Fedora 40 KDE.
Open Konsole.
Add a new group for FTP groupadd ftpusers
Add a new user within this group, with login disabled useradd -g ftpusers -d /dev/null -s /sbin/nologin ftpuser
Reboot the computer and watch the SDDM login screen.
Actual Results
The user is shown at the SDDM login screen.
Expected Results
The user should not be shown at the SDDM login screen, because one can't log in is that user. Only users with enabled log ins should be shown at that screen. The GDM behaves correctly and does not show that user.
Consider, making it the default option.
More info
In the sddm.conf, there is a [Users] section that has a the HideShells option which is currently empty. When I change it to
HideShell=/sbin/nologin
that FTP user is not longer shown in SDDM which I think should be a default behaviour.
Can be done, but all user accounts not meant to be used by actual users should be created with useradd --system which puts their UID into the range already ignored by sddm.
Description
In my system (Fedora 40 KDE), I attempted to set up the PureFTP server and allow FTP connections to that machine. If I do not want to use my real system users, I can set up one global FTP user and have it cover all the virtual users inside the PureFTP. This global user, however, is a system user with disabled home directory and with disabled login, automatically, the user's ID is chosen as the lowest possible value AFTER other users, which results in the ID in the rank above 1000, being 1001 in my case.
SDDM will still show this user in the login screen, although the real person sitting behind the keyboard cannot use that user to login. This, I believe, should not be happening. This is always reproducible.
Steps to Reproduce
groupadd ftpusers
useradd -g ftpusers -d /dev/null -s /sbin/nologin ftpuser
Actual Results
The user is shown at the SDDM login screen.
Expected Results
The user should not be shown at the SDDM login screen, because one can't log in is that user. Only users with enabled log ins should be shown at that screen. The GDM behaves correctly and does not show that user.
Consider, making it the default option.
More info
In the
sddm.conf
, there is a[Users]
section that has a the HideShells option which is currently empty. When I change it toHideShell=/sbin/nologin
that FTP user is not longer shown in SDDM which I think should be a default behaviour.
Also reported as https://bugzilla.redhat.com/show_bug.cgi?id=2273942
The text was updated successfully, but these errors were encountered: