New users unable to login (but root can)

justsudoit · 2020-05-23 21:01:56

On a fresh install, I can create new users via

useradd -m -U -s /usr/bin/bash user

and set their password with

passwd user

and as root, I can login as the user via

su user

However, if I try to login as the user via tty, or ssh, I am unable to authenticate. On tty, it returns 'Login incorrect'. Over ssh, it returns 'Permission denied, please try again.' Can someone please point me in the direction of any relevant logs or configuration files? Again, this is a fresh install, and not my first Arch install either, and I have never seen this issue before. Any help is very appreciated.

journalctl output

justsudoit · 2020-05-23 22:24:46

Okay, I figured it out. Since /usr/bin/bash was not listed in /etc/shells, PAM authentication failed. Adding that path to bash fixed it. Goes to show I should'nt rely on

which bash

too heavily...

eschwartz · 2020-05-24 04:37:03

You should not either rely on "which".
https://unix.stackexchange.com/question … 5250#85250
https://mywiki.wooledge.org/BashFAQ/081

$ which ls; echo $?
Sorry, I don't do whichcraft.
0

(I dislike the use of this command, and borrowed a script from elsewhere which does this)

For scripting use in /bin/sh scripts, always use 'command -v someprog'. Using 'which' instead is a portability violation and your script won't work as expected. If your shebang uses bash, you can still use 'command -v', though you might optionally use 'type -P', which is a bashism that does the same thing unless someprog is a function or alias, in which case type -P ensures it still resolves to a disk executable.

For interactive use, if you happen to know that which is installed (it is not installed by default on Arch Linux), you may use it, but IMHO you don't want to as it returns the wrong thing; instead, on bash, zsh or ksh, you can use 'type -a someprog', which will a) show you how the command is interpreted by the shell, i.e. if it is an alias or function, or else the disk executable it resolves to, and b) show you all the other things the command could be interpreted as, in order of precedence.

$ type -a ls
ls is aliased to `ls -FN --color=auto'
ls is /usr/bin/ls

The external disk executable "which" does not do this, but the most common and preferred implementations (the ones you are likely to find on Linux, though again, you might need to install it via pacman/other package manager first) act precisely like type -P, and therefore it does precisely what you *don't* want in an interactive console, where various arbitrary changes might happen before the program itself is run.

The zsh builtin alias "which -a" does do this, but only because the zsh builtin "which" is an alias for "whence -c", as "type" is a zsh alias for "whence -v", and "whence -c -a" or "whence -v -a" will get you this expanded output... but you should probably just use whence directly (or type -a if you value muscle memory compatibility with bash).

nl6720 · 2020-05-24 04:38:23

There's a warning about the issue in the wiki: https://wiki.archlinux.org/index.php/Us … management.

Arch Linux

#1 2020-05-23 21:01:56

New users unable to login (but root can)

#2 2020-05-23 22:24:46

Re: New users unable to login (but root can)

#3 2020-05-24 04:37:03

Re: New users unable to login (but root can)

#4 2020-05-24 04:38:23

Re: New users unable to login (but root can)

Board footer