[Bug 1847902] Re: pam_nologin should optionally exclude users of the "wheel" group from its access restrictions
Graham Leggett
1847902 at bugs.launchpad.net
Tue Mar 10 14:25:47 UTC 2020
Just locked out of an AWS machine again due to this bug. Any news on a
fix?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1847902
Title:
pam_nologin should optionally exclude users of the "wheel" group from
its access restrictions
Status in pam package in Ubuntu:
Confirmed
Bug description:
During a remote system upgrade (18.04 to 19.04) something went south and after reboot the machine is stuck at some place in its boot sequence. SSH works, but trying to log-in with a sudo-capable user results in: "System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
As Ubuntu has moved away from full root users with passwords + allowing root logins over SSH, I'm totally locked out from my remote system.
There is a bug reported for pam_nologin requesting to provide separate
exclusion mechanism but in the meantime it is possible to implement a
workaround to exclude administrative users from nologin restriction.
Here's the bug:
https://github.com/linux-pam/linux-pam/issues/42
And here is the workaround that should be implemented in Ubuntu:
https://github.com/linux-pam/linux-pam/issues/42#issuecomment-367450193
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1847902/+subscriptions
More information about the foundations-bugs
mailing list