Arch Linux

narendiran

Member

From: Chennai, Tamil Nadu, India

Registered: 2011-09-07

Posts: 26

Website

Trouble logging in with guest account.

1. I set up a tmpfs to be mounted at boot on /tmp/guest. My fstab line is  ...

tmpfs	/tmp/guest	tmpfs	nodev,uid=guest,gid=users,size=5G	0  0

2. I created a new user called guest with home directory as /tmp/guest. This is the exact command I used.

useradd -d /tmp/guest -g users -s /bin/fish -u 990 guest

3. I set the password to guest.

Now, I am unable to login to this account from VT or gdm. But if I login as the normal user and then do su guest then I am able to login to guest.

su guest

Doing the above works

How do I fix this problem?

loafer

Member

From: the pub

Registered: 2009-04-14

Posts: 1,772

Re: Trouble logging in with guest account.

- What authentication mechanism are you using?
- Have you made e.g. any pam specific changes?
- Do you get an error on the VT or from GDM?
- Do you get prompted for a password more than once?  Does it just hang?
- What does the journal show e.g. for pam_unix when the user attemps to login and fails?
- What does the journal show for the successful "su"?

---

All men have stood for freedom...
For freedom is the man that will turn the world upside down.
Gerrard Winstanley.

narendiran

Member

From: Chennai, Tamil Nadu, India

Registered: 2011-09-07

Posts: 26

Website

Re: Trouble logging in with guest account.

What authentication mechanism are you using?
Have you made e.g. any pam specific changes?

I did not make any changes to the authentication mechanism or config files (I don't even know where they are), it is arch default.

Do you get an error on the VT or from GDM?
Do you get prompted for a password more than once?  Does it just hang?

I cannot login from both VT and GDM. In the VT, it says login incorrect and the prompt appears. GDM asks for password again.

What does the journal show e.g. for pam_unix when the user attemps to login and fails?
What does the journal show for the successful "su"?

Here is what I did in VT. Tried to login as guest, it failed. logged in as regular user and then did su guest. Here are the journalctl entries.

Jul 09 22:36:56 GLaDOS login[1975]: FAILED LOGIN 1 FROM tty2 FOR guest, Authentication failure
Jul 09 22:37:06 GLaDOS login[1975]: pam_unix(login:session): session opened for user narendiran by LOGIN(uid=0)
Jul 09 22:37:06 GLaDOS systemd[1]: Starting Session c6 of user narendiran.
Jul 09 22:37:06 GLaDOS systemd-logind[323]: New session c6 of user narendiran.
Jul 09 22:37:06 GLaDOS systemd[1]: Started Session c6 of user narendiran.
Jul 09 22:37:06 GLaDOS login[1975]: LOGIN ON tty2 BY narendiran
Jul 09 22:37:14 GLaDOS su[2006]: (to guest) narendiran on tty2
Jul 09 22:37:14 GLaDOS su[2006]: pam_unix(su:session): session opened for user guest by narendiran(uid=1000)

loafer

Member

From: the pub

Registered: 2009-04-14

Posts: 1,772

Re: Trouble logging in with guest account.

It sounds like the password entered is incorrect based on what you've provided.  However, assuming su asks for a password and it works that's not it.

Can you post the relevant pam config files please.

edit:  what happens with "su - guest".

Last edited by loafer (2014-07-12 20:12:59)

---

All men have stood for freedom...
For freedom is the man that will turn the world upside down.
Gerrard Winstanley.

narendiran

Member

From: Chennai, Tamil Nadu, India

Registered: 2011-09-07

Posts: 26

Website

Re: Trouble logging in with guest account.

Using 'su - guest' works.

Here are some relevent config files.
/etc/pam.d/login

#%PAM-1.0

auth       required     pam_securetty.so
auth       requisite    pam_nologin.so
auth       include      system-local-login
account    include      system-local-login
session    include      system-local-login

/etc/pam.d/system-local-login

#%PAM-1.0

auth      include   system-login
account   include   system-login
password  include   system-login
session   include   system-login

/etc/pam.d/system-login

#%PAM-1.0

auth       required   pam_tally.so         onerr=succeed file=/var/log/faillog
auth       required   pam_shells.so
auth       requisite  pam_nologin.so
auth       include    system-auth

account    required   pam_access.so
account    required   pam_nologin.so
account    include    system-auth

password   include    system-auth

session    optional   pam_loginuid.so
session    include    system-auth
session    optional   pam_motd.so          motd=/etc/motd
session    optional   pam_mail.so          dir=/var/spool/mail standard quiet
-session   optional   pam_systemd.so
session    required   pam_env.so

/etc/pam.d/system-auth

#%PAM-1.0

auth      required  pam_unix.so     try_first_pass nullok
auth      optional  pam_permit.so
auth      required  pam_env.so

account   required  pam_unix.so
account   optional  pam_permit.so
account   required  pam_time.so

password  required  pam_unix.so     try_first_pass nullok sha512 shadow
password  optional  pam_permit.so

session   required  pam_limits.so
session   required  pam_unix.so
session   optional  pam_permit.so

/etc/pam.d/su

#%PAM-1.0
auth		sufficient	pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth		sufficient	pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth		required	pam_wheel.so use_uid
auth		required	pam_unix.so
account		required	pam_unix.so
session		required	pam_unix.so

/etc/pam.d/gdm-password

auth     include   system-local-login
auth     optional  pam_gnome_keyring.so

account  include   system-local-login

password include   system-local-login
password optional  pam_gnome_keyring.so use_authtok

session  optional  pam_keyinit.so force revoke
session  include   system-local-login
session  optional  pam_gnome_keyring.so auto_start