[Bug 882255] Re: No administrative actions possible (password refused) after enabling passwordless login

Brian Murray brian at ubuntu.com
Mon Nov 7 20:16:14 UTC 2011 

I think the particular issue here is that the tool, User Accounts, is
removing the user's password when you choose "Log in without a
password".  User Accounts is provided by the package accountsservice so
I am changing the package affected to that.

** Package changed: sudo (Ubuntu) => accountsservice (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/882255

Title:
  No administrative actions possible (password refused) after enabling
  passwordless login

Status in “accountsservice” package in Ubuntu:
  Triaged

Bug description:
  If I choose not to have a password for my operating account, every
  operation fails if it needs root access. Reproducible even on a newly
  set up machine. See: http://ubuntuforums.org/showthread.php?t=1862543

  Release: 11.10

  Steps to reproduce:
  1. Install Ubuntu 11.10 as normal. During installation, when you are asked to choose a password, enter one, since the installation can not continue if you do not do so.
  2. Boot the newly installed system and log in as usual.
  3. Choose "System Settings" from the launcher on the left and open "User Accounts".
  4. In the User Accounts window, click on Unlock at the top right of the dialog. Enter your user password when prompted.
  5. Click on the four dots next to the "Password" label to change your password.
  6. Select "Log in without a password" from the dropdown box. Close the window.
  7. Try to perform an action requiring administrative privileges. For example, try running "sudo apt-get update" from a terminal.

  Expected behavior:
  sudo should require the user's password and accept it, or proceed without requiring any password altogether.

  Actual behavior:
  sudo requires the user's password and does not accept it (since it is set to an empty string in /etc/shadow).

  Further notes:
  After disabling the password request at login, the /etc/shadow file related to the test user account I created looked like this:
  test::15283:0:99999:7:::
  This shows that the password hash is made completely empty; that conflicts with the policies listed in /etc/sudoers, which require a password to be given in order to 

  Workaround:
  -If you can not perform administrative actions but can still login without a password, open a terminal and type "passwd". This command should prompt you for a new password and change it without any problems.
  -If you can not login, you can reset your password by booting into recovery mode and changing it there. Follow the instructions at <http://psychocats.net/ubuntu/resetpassword>.

  You may also choose to use a password for your account and to enable
  autologin at the same time. This choice will enable you to benefit the
  advantage of not entering a password at boot time with the security of
  Ubuntu requiring your password when attempting to perform privileged
  actions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/882255/+subscriptions

More information about the foundations-bugs mailing list