You are not logged in.
Hello. I'm setting up a new system and was trying to do a minimal gnome installation. I'm able to boot the system, but I can't get to the gdm login screen. The system stays stuck in the terminal, however, I can switch to a different tty and login.
After logging in via a different tty, the first thing I did was
systemctl status --state failed
, but there are no failing units.
Next, I enabled debugging at
/etc/gdm/custom.conf
, rebooted, and checked the logs. I also did the same on a different Arch system to compare the results.
On my broken system, I see this.
GdmSessionWorker: Set PAM environment variable: 'XDG_SEAT=seat0'
GdmSessionWorker: state SETUP_COMPLETE
GdmSessionWorker: attempting to change state to AUTHENTICATED
GdmSessionWorker: authenticating user gdm
GdmSessionWorker: state AUTHENTICATED
GdmSessionWorker: attempting to change state to AUTHORIZED
GdmSessionWorker: determining if authenticated user (password required:0) is authorized to session
pam_unix(gdm-launch-environment:account): account gdm has expired (account expired)
GdmSessionWorker: received pam message of type 3 with payload 'Your account has expired; please contact your system administrator'
GdmSessionWorker: PAM conversation return 0: success
GdmSessionWorker: user is not authorized to log in: User account has expired
GdmSessionWorker: uninitializing PAM
GdmSessionWorker: state NONE
On a working system, I see something similar except for the
account gdm has expired
line. Additionally, on the working system I eventually see
GdmSessionWorker: state AUTHORIZED
, but in the broken system that is never printed.
I checked passwd to see if there was anything interesting. This is what it looks like on the broken system.
# passwd --status gdm
gdm L 09/10/2019 -1 -1 -1 -1
which is exactly what it looks like on the working system.
This is how I installed gnome.
pacman -S gdm xdg-user-dirs gnome-session gnome-keyring \
gnome-shell gnome-menus gnome-settings-daemon gnome-control-center networkmanager \
mutter nautilus \
gnome-terminal
What am I missing??
Last edited by 1ptb3b (2019-09-10 23:00:17)
Offline
Did you compare the passwd status of the user gdm to your working system?
Since this is how it looks on mine:
$ passwd --status gdm
gdm L 11/09/2016 0 99999 7 -1
Offline
Yeah, I also compared the working system's passwd. On my working system, the passwd for gdm looks like this.
# passwd --status gdm
gdm L 03/09/2019 -1 -1 -1 -1
I wonder why our passwd are different... Hmm...
Last edited by 1ptb3b (2019-09-10 17:23:09)
Offline
Waaiiitttt... waat...
This is what `/etc/shadow` looks like in the broken system.
gdm:!!:18149:::::1:
systemd-network:!!:18149:::::1:
avahi:!!:18149:::::1:
dbus:!!:18149:::::1:
And then I checked `man 5 shadow`.
The trailing 1 is for the account expiration date!
In fact, most of the users on the broken system have the trailing 1. Except for root and my user.
I checked on the working system and `/etc/shadow` does not have the trailing 1!
What the heck happened here??
Working system
# chage --list gdm
Last password change : Dec 11, 2018
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : -1
Maximum number of days between password change : -1
Number of days of warning before password expires : -1
Broken system
# chage --list gdm
Last password change : sep 10, 2019
Password expires : never
Password inactive : never
Account expires : Jan 02, 1970
Minimum number of days between password change : -1
Maximum number of days between password change : -1
Number of days of warning before password expires : -1
Last edited by 1ptb3b (2019-09-10 17:51:19)
Offline
I unexpired all of the accounts with `chage`.
# chage --expiredate -1 gdm
And I was able to login!!!
But, why the heck were all my accounts expired in the first place?
Offline
See https://bugs.archlinux.org/task/63706
This is a systemd change.
Offline
This seems to have been fixed with today's release of gdm 3.32.0+2+g820f90f5-2:
The package now uses .INSTALL with groupadd, useradd and passwd instead of relying on sysusers.
post_install() {
# Can't use sysusers as the greeter session cannot launch with an expired 'gdm' account
# https://bugs.archlinux.org/task/63706
if ! getent passwd gdm >/dev/null; then
groupadd -r -g 120 gdm
useradd -r -c "Gnome Display Manager" -u 120 -g gdm -d /var/lib/gdm -s /sbin/nologin gdm
passwd -ql gdm
fi
}
# vim:set ft=sh sw=2 et:
Last edited by schard (2019-09-11 08:49:41)
Offline