[Desktop-packages] [Bug 1617022] Re: box width not resized for pam messages

2017-09-11 Thread Joshua Burgess 
This also affects our school district. We have been unable to find any
greeter that fully displays the entire PAM message. We are using FreeIPA
with Kerberos, but it should also affect anyone using modern security
practices with LDAP or PAM. For example, if the user is required to
change their password, and their new password is too short, they will
get the message "Bad Password: To s", making the process very
confusing for them. This makes it impractical to have any password
requirements (minimum characters, dictionary check, etc.) because the
user can't see why their password was rejected.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to unity-greeter in Ubuntu.
https://bugs.launchpad.net/bugs/1617022

Title:
  box width not resized for pam messages

Status in unity-greeter package in Ubuntu:
  Confirmed

Bug description:
  Description: Ubuntu 16.04.1 LTS
  Release: 16.04
  Package version: 16.04.2-0ubuntu1

  
  Is it possible to either dynamically expand the width and height of
  the greeter box in order to fully display PAM messages?   If one uses
  Kerberos for authentication, the Unity greeter truncates/fades out the
  full text returned by PAM concerning Kerberos password/principal expiry:
  The attached unity-greeter-truncations.tar file contains three PNG files
  illustrating truncation when:

  - a password is about to expire.
  ['password_expire_soon.png']

  - you enter the previous password in the 'change password' dialog and
  local policy prevents re-use.
  ['expired_same_password.png']

  - you enter a password that does not meet local policy requirements
  in the 'change password' dialog.
  ['password_change_rejected.png']

  The truncation can make it difficult for end-users to understand
  what is going on.  Other display managers - such as gdm and mdm -
  are able to display such text in full.

  In the ubuntu-greeter source src/greeter-list.vala, it is possible to
  increase the default width of the greeter box by increasing the value below:

  public static const int BOX_WIDTH = 8;

  This is not a great solution because the login box is aesthetically
  unpleasant when it is that wide at all times.  Furthermore, the
  PAM text displayed by unity-greeter is not line-wrapped, making 
  the choice of a suitable value for BOX_WIDTH impractical.

  unity-greeter clearly has support for dynamically adjusting the height
  of the greeter box.  Would it be possible, therefore, to add support
  for dynamically adjusting the width and to format displayed PAM text
  so that it is at most, say, seventy-five characters long?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity-greeter/+bug/1617022/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1702985] [NEW] Change expired password dialog missing

2017-07-07 Thread Joshua Burgess 
Public bug reported:

On Ubuntu-mate 16.04.2, with FreeIPA 4.3.1.0, SSSD 1.13.4-1  and LightDM
1.18.3 (with lightdm-gtk-greeter 2.0.1-2) I am not seeing the normal
prompts that should come up when a user's password has expired. When a
user attempts to log in with an expired password, they should be
notified that their password has expired, and then prompted to re-enter
their current password. If their current password is accepted, they
should then be prompted to enter a new password. If that password meets
the system's requirements, they should then be prompted to enter their
new password a second time to confirm it.

On my system I am seeing the first message, the user is informed that
their password has expired and must be changed. However, I am not seeing
any subsequent prompts. The user is presented with a blank password
field three times with no instruction. Their login will succeed if they
know they need to enter their current password, press enter, enter their
new password, press enter, and then enter their new password again, and
press enter, there is just no dialog to inform them of this.

If I install GDM on the same system and set it as the default, it works
correctly. A text notification is displayed, telling the user what to
enter in the password field (i.e "Current Password", "New Password",
"Confirm New Password"). If I install the Unity-greeter that comes with
Ubuntu 16.04 standard, it also works correctly.

** Affects: lightdm (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1702985

Title:
  Change expired password dialog missing

Status in lightdm package in Ubuntu:
  New

Bug description:
  On Ubuntu-mate 16.04.2, with FreeIPA 4.3.1.0, SSSD 1.13.4-1  and
  LightDM 1.18.3 (with lightdm-gtk-greeter 2.0.1-2) I am not seeing the
  normal prompts that should come up when a user's password has expired.
  When a user attempts to log in with an expired password, they should
  be notified that their password has expired, and then prompted to re-
  enter their current password. If their current password is accepted,
  they should then be prompted to enter a new password. If that password
  meets the system's requirements, they should then be prompted to enter
  their new password a second time to confirm it.

  On my system I am seeing the first message, the user is informed that
  their password has expired and must be changed. However, I am not
  seeing any subsequent prompts. The user is presented with a blank
  password field three times with no instruction. Their login will
  succeed if they know they need to enter their current password, press
  enter, enter their new password, press enter, and then enter their new
  password again, and press enter, there is just no dialog to inform
  them of this.

  If I install GDM on the same system and set it as the default, it
  works correctly. A text notification is displayed, telling the user
  what to enter in the password field (i.e "Current Password", "New
  Password", "Confirm New Password"). If I install the Unity-greeter
  that comes with Ubuntu 16.04 standard, it also works correctly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1702985/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp