You are not logged in.

#1 2020-09-13 22:38:03

zaxmyth
Member
From: Seattle / San Francisco
Registered: 2019-03-25
Posts: 23
Website

[SOLVED] With systemd-homed, user@1000.service fails to start

I converted a user to be managed with systemd-homed and afterward I'm able to login and access files just as before but I'm getting the following errors starting user@1000.service:

Sep 13 11:59:33 qadi systemd[1]: Starting User Manager for UID 1000...
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: User lookup succeeded: uid=1000 gid=1000
Sep 13 11:59:33 qadi systemd[1057]: PAM failed: Authentication service cannot retrieve authentication info
Sep 13 11:59:33 qadi systemd[1057]: user@1000.service: Failed to set up PAM session: Operation not permitted
Sep 13 11:59:33 qadi systemd[1057]: user@1000.service: Failed at step PAM spawning /usr/lib/systemd/systemd: Operation not permitted
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Failed to read oom_kill field of memory.events cgroup attribute: No such file or directory
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Child 1057 belongs to user@1000.service.
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Main process exited, code=exited, status=224/PAM
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Failed with result 'exit-code'.
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Service will not restart (restart setting)
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Changed start -> failed
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Job 183 user@1000.service/start finished, result=failed
Sep 13 11:59:33 qadi systemd[1]: Failed to start User Manager for UID 1000.
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Unit entered failed state.
Sep 13 11:59:33 qadi systemd[1]: user@1000.service: Control group is empty.

I've been looking for information on the PAM related errors but so far I've not come up with anything that helps so hoping somebody here has some ideas to try.

In case it matters, my underlying filesystem is Btrfs, I have a subvolume for @home, and my systemd-homed user is configured with luks storage.

I have no .pacnew files and no ~/.pam_environment file

Thanks for any pointers!

Last edited by zaxmyth (2020-09-16 15:57:58)

Offline

#2 2020-09-15 12:17:44

tucuxi
Member
From: Prague
Registered: 2020-03-08
Posts: 21

Re: [SOLVED] With systemd-homed, user@1000.service fails to start

If the user ID 1000 is still in /etc/passwd or /etc/shadow, remove it from there.

With stock pam configs, the log should look something like this:

Sep 15 13:58:21 arch systemd[1]: Starting User Manager for UID 60001...
Sep 15 13:58:21 arch systemd[660]: pam_systemd_home(systemd-user:account): Home for user tux successfully acquired.
Sep 15 13:58:21 arch systemd[660]: pam_warn(systemd-user:setcred): function=[pam_sm_setcred] flags=0x8002 service=[systemd-user] terminal=[] user=[tux] ruser=[<unknown>] rhost=[<unknown>]
Sep 15 13:58:21 arch systemd[660]: pam_unix(systemd-user:session): session opened for user tux(uid=60001) by (uid=0)
...

Offline

#3 2020-09-15 13:59:46

zaxmyth
Member
From: Seattle / San Francisco
Registered: 2019-03-25
Posts: 23
Website

Re: [SOLVED] With systemd-homed, user@1000.service fails to start

Double-checked that I removed the entries for user 1000 in /etc/{passwd, shadow, group, gshadow} and nothing there.

I looked through my journal for `pam_systemd_homed` and I don't see an entry like `pam_systemd_home(systemd-user:account): Home for user tux successfully acquired.`

$ journalctl -b -g pam_systemd_home
-- Logs begin at Mon 2020-09-14 17:39:12 PDT, end at Tue 2020-09-15 06:45:56 PDT. --
Sep 14 21:31:30 qadi gdm-password][1581]: pam_systemd_home(gdm-password:auth): Home for user zach successfully acquired.
Sep 14 22:02:16 qadi gdm-password][4221]: pam_systemd_home(gdm-password:auth): Home for user zach successfully acquired.
Sep 15 06:30:46 qadi gdm-password][5525]: pam_systemd_home(gdm-password:auth): Home for user zach successfully acquired.
Sep 15 06:41:25 qadi sudo[6452]: pam_systemd_home(sudo:auth): Home for user zach successfully acquired.
Sep 15 06:41:31 qadi sudo[6469]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:41:42 qadi sudo[6486]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:41:59 qadi sudo[6529]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:42:08 qadi sudo[6546]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:42:18 qadi sudo[6561]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:43:01 qadi sudo[6608]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:43:41 qadi sudo[6662]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:43:55 qadi sudo[6689]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:44:10 qadi sudo[6705]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:44:19 qadi sudo[6731]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.
Sep 15 06:44:23 qadi sudo[6745]: pam_systemd_home(sudo:account): Home for user zach successfully acquired.

I have pambase 20200721.1-2 and pam 1.4.0-3

Offline

#4 2020-09-15 16:07:28

tucuxi
Member
From: Prague
Registered: 2020-03-08
Posts: 21

Re: [SOLVED] With systemd-homed, user@1000.service fails to start

systemctl status systemd-homed.service

Offline

#5 2020-09-16 01:50:54

zaxmyth
Member
From: Seattle / San Francisco
Registered: 2019-03-25
Posts: 23
Website

Re: [SOLVED] With systemd-homed, user@1000.service fails to start

$ systemctl status systemd-homed.service
● systemd-homed.service - Home Area Manager
     Loaded: loaded (/usr/lib/systemd/system/systemd-homed.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2020-09-15 07:58:16 PDT; 10h ago
       Docs: man:systemd-homed.service(8)
   Main PID: 817 (systemd-homed)
     Status: "Processing requests..."
      Tasks: 1 (limit: 38030)
     Memory: 39.2M
     CGroup: /system.slice/systemd-homed.service
             └─817 /usr/lib/systemd/systemd-homed

Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: setting state idle-server
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: New incoming message: {"method":"io.systemd.UserDatabase.GetUserR>
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: changing state idle-server → processing-method
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: Sending message: {"parameters":{"record":{"binding":{"2d5d5e5896d>
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: changing state processing-method → processed-method
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: changing state processed-method → idle-server
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: Got POLLHUP from socket.
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: changing state idle-server → pending-disconnect
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: changing state pending-disconnect → processing-disconnect
Sep 15 18:48:57 qadi systemd-homed[817]: varlink-14: varlink: changing state processing-disconnect → disconnected

Offline

#6 2020-09-16 15:24:55

zaxmyth
Member
From: Seattle / San Francisco
Registered: 2019-03-25
Posts: 23
Website

Re: [SOLVED] With systemd-homed, user@1000.service fails to start

I ended up checking my pam configuration files on another system and noticed there were differences in the systemd-user file. I copied this over and now user@1000.service starts correctly.

     
0a1,2
> # This file is part of systemd.
> #
3c5
< account  include system-login
---
> account required pam_unix.so
5c7,8
< session  include system-login
---
> session optional pam_keyinit.so force revoke
> session optional pam_systemd.so

I'm not sure why the changes for pambase were not picked up but it's probably because I did something dumb at some point.

Last edited by zaxmyth (2020-09-16 16:34:37)

Offline

Board footer

Powered by FluxBB