Hello mtemp, or anyone else affected, Accepted systemd into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.34 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: systemd (Ubuntu Bionic) Status: In Progress => Fix Committed ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1762391 Title: pam_group.so is not evaluated by gnome-terminal Status in systemd: New Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: Won't Fix Status in systemd source package in Bionic: Fix Committed Status in systemd source package in Cosmic: Won't Fix Status in systemd source package in Eoan: Fix Committed Status in systemd source package in Focal: Fix Released Bug description: [Impact] pam_setcred call was missing in systemd making its implementation of the PAM protocol incomplete. It could manifest in different ways, but one particularly problematic for enterprise environments was the fact that processes were never getting group membership they were expected to get via pam_group module. [Test Case] * Add a /etc/security/group.conf entry, e.g. *;*;*;Al0000-2400;dialout,users * Add pam_group to your PAM stack, e.g. /etc/pam.d/common-auth * Login to the system and launch gnome-terminal (it will be launched via gnome-terminal-server launched by systemd --user + dbus). Expected result: Logged in user is a member of 'dialout' and 'users' groups. Actual result: no group membership gained from pam_group. [Regression Potential] * It introduces a new PAM warning message in some scenarios (e.g. for systemd DynamicUser=1 units) for users that can't authenticate (pam_setcred fails in such case). * In certain systems user group membership may be extended by pam_group. [Other Info] Original bug description: We are using Ubuntu in a university network with lots of ldap users. To automatically map ldap users/groups to local groups we are using pam_group.so. This has worked for years. With the upgrade from Xenial to Bionic /etc/security/group.conf is not evaluated anymore by gnome-terminal as it runs as systemd --user. Xterm, ssh, su, and tty* however do work as expected. Only the default gnome-terminal behaves different. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851243 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756458 this might not be a bug, but a feature. Nevertheless this behavior is very unexpected when upgrading from Xenial to Bionic and therefore should at least added to the changelog. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-terminal 3.28.0-1ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 13:17:52 2018 InstallationDate: Installed on 2018-03-29 (11 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180321) SourcePackage: gnome-terminal UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1762391/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
