You are not logged in.
Pages: 1
I have built a bootable USB stick with Breath (https://cb-linux.github.io/breath/) to run arch on my Chromebook but when I start it I only see the black login shell and no matter how often I type in the correct login/password combination I always get the error message "Login incorrect". The same applies to the root account.
I even mounted the USB stick on another device, changed the password in the /etc/shadow file manually to a very simple one with just numbers, to make sure that it is not a keyboard layout issue.
This is the part in the system.journal file that shows the error:
MESSAGE=audit: type=1130 audit(1661427345.117:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
MESSAGE=[system] Activating via systemd: service name='org.freedesktop.home1' unit='dbus-org.freedesktop.home1.service' requested by ':1.3' (uid=0 pid=267 comm="/bin/login -p -- " label="kernel")
MESSAGE=audit: type=1100 audit(1661428153.593:35): pid=267 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='op=PAM:authentication grantors=? acct="peleke" exe="/usr/bin/login" hostname=archbook addr=? terminal=/dev/tty1 res=failed'
MESSAGE=USER_AUTH pid=267 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='op=PAM:authentication grantors=? acct="root" exe="/usr/bin/login" hostname=archbook addr=? terminal=/dev/tty1 res=failed'
MESSAGE=audit: type=1100 audit(1661428162.262:36): pid=267 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='op=PAM:authentication grantors=? acct="root" exe="/usr/bin/login" hostname=archbook addr=? terminal=/dev/tty1 res=failed'
MESSAGE=audit: type=1130 audit(1661428172.122:37): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'This it the /etc/passwd file:
root:x:0:0::/root:/bin/bash
bin:x:1:1::/:/usr/bin/nologin
daemon:x:2:2::/:/usr/bin/nologin
mail:x:8:12::/var/spool/mail:/usr/bin/nologin
ftp:x:14:11::/srv/ftp:/usr/bin/nologin
http:x:33:33::/srv/http:/usr/bin/nologin
nobody:x:65534:65534:Nobody:/:/usr/bin/nologin
dbus:x:81:81:System Message Bus:/:/usr/bin/nologin
systemd-coredump:x:981:981:systemd Core Dumper:/:/usr/bin/nologin
systemd-network:x:980:980:systemd Network Management:/:/usr/bin/nologin
systemd-oom:x:979:979:systemd Userspace OOM Killer:/:/usr/bin/nologin
systemd-journal-remote:x:978:978:systemd Journal Remote:/:/usr/bin/nologin
systemd-resolve:x:977:977:systemd Resolver:/:/usr/bin/nologin
systemd-timesync:x:976:976:systemd Time Synchronization:/:/usr/bin/nologin
tss:x:975:975:tss user for tpm2:/:/usr/bin/nologin
uuidd:x:68:68::/:/usr/bin/nologin
peleke:x:1000:1000::/home/peleke:/bin/bashThis is the /etc/shadow file (I changed the password of the root account as well without success):
root:$6ts5fUNLvXlM:19228::::::
bin:!*:19228::::::
daemon:!*:19228::::::
mail:!*:19228::::::
ftp:!*:19228::::::
http:!*:19228::::::
nobody:!*:19228::::::
dbus:!*:19228::::::
systemd-coredump:!*:19228::::::
systemd-network:!*:19228::::::
systemd-oom:!*:19228::::::
systemd-journal-remote:!*:19228::::::
systemd-resolve:!*:19228::::::
systemd-timesync:!*:19228::::::
tss:!*:19228::::::
uuidd:!*:19228::::::
peleke:$6ts5fUNLvXlM:19228:0:99999:7:::This is /etc/pam.d/system-login file:
#%PAM-1.0
auth required pam_shells.so
auth requisite pam_nologin.so
auth include system-auth
account required pam_access.so
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_loginuid.so
session optional pam_keyinit.so force revoke
session include system-auth
session optional pam_motd.so
session optional pam_mail.so dir=/var/spool/mail standard quiet
-session optional pam_systemd.so
session required pam_env.so user_readenv=1I cannot boot from another device/ISO and I also cannot change the terminal (tty) or use chroot but I can mount the whole disk on another computer to modify files.
What could I do to be able to login again?
Last edited by Peleke (2022-08-25 12:43:51)
Offline
Can you boot the rescue.target (2nd link below), should give you a root shell (so you won't have to mess w/ the HW)
There's no PAM error in the segment you posted, however since it's an AUTH error, /etc/pam.d/system-auth is gonna be relevant and anecdotally, just try to comment (leading "#") every line in it that has "pam_systemd_home.so"
Offline
Do I need to change the symlink or the kernel parameter for that (as that seems to have a higher priority)? How can I do it with another device accessing the disk and not being able to use systemctl?
Offline
Just use the kernel parameter when you boot the system (press "e" in grub), it will kick you there alone.
Offline
I don't have grub on the Chromebook AFAIK. It just boots right into the shell without any step/screen in between.
Offline
You'd have to edit the default.target symlink then.
tbh, after looking at breat I'm not sure that counts as archlinux and the problems you encounter may be due to that distro rather than anything else, but I'm curious enough to see whether it's systemd-homed.
Offline
In /etc/systemd/system are two symlinks:
system % find . -type l -ls
130588 0 lrwxrwxrwx 1 peleke staff 0 24 Aug 23:19 ./getty.target.wants/getty@tty1.service -> /usr/lib/systemd/system/getty@.service
130602 0 lrwxrwxrwx 1 peleke staff 0 24 Aug 23:19 ./multi-user.target.wants/remote-fs.target -> /usr/lib/systemd/system/remote-fs.targetHow to change that now to rescue.target?
The /boot directory looks empty or cannot be mounted on the other device.
Last edited by Peleke (2022-08-25 15:17:53)
Offline
Created symlink /etc/systemd/system/default.target -> /usr/lib/systemd/system/multi-user.target.
The /boot directory looks empty or cannot be mounted on the other device.
You don't mount directories, you mount partitions.
lsblk -fOffline
So far I only had a MacBook available which does not support Linux file systems. Just with the trial of Paragon extFS I was able to access the main disk of the USB stick arch installation but not the boot partition. I can try to access it with a Ubuntu VM on my Windows machine for that.
Offline
The boot partition is typically vfat/FAT32
Offline
This is the content of the system-auth file:
#%PAM-1.0
auth required pam_faillock.so preauth
# Optionally use requisite above if you do not want to prompt for the password
# on locked accounts.
-auth [success=2 default=ignore] pam_systemd_home.so
auth [success=1 default=bad] pam_unix.so try_first_pass nullok
auth [default=die] pam_faillock.so authfail
auth optional pam_permit.so
auth required pam_env.so
auth required pam_faillock.so authsucc
# If you drop the above call to pam_faillock.so the lock will be done also
# on non-consecutive authentication failures.
-account [success=1 default=ignore] pam_systemd_home.so
account required pam_unix.so
account optional pam_permit.so
account required pam_time.so
-password [success=1 default=ignore] pam_systemd_home.so
password required pam_unix.so try_first_pass nullok shadow sha512
password optional pam_permit.so
-session optional pam_systemd_home.so
session required pam_limits.so
session required pam_unix.so
session optional pam_permit.soShould I try it with this one instead?
#%PAM-1.0
auth required pam_faillock.so preauth
# Optionally use requisite above if you do not want to prompt for the password
# on locked accounts.
#-auth [success=2 default=ignore] pam_systemd_home.so
auth [success=1 default=bad] pam_unix.so try_first_pass nullok
auth [default=die] pam_faillock.so authfail
auth optional pam_permit.so
auth required pam_env.so
auth required pam_faillock.so authsucc
# If you drop the above call to pam_faillock.so the lock will be done also
# on non-consecutive authentication failures.
#-account [success=1 default=ignore] pam_systemd_home.so
account required pam_unix.so
account optional pam_permit.so
account required pam_time.so
#-password [success=1 default=ignore] pam_systemd_home.so
password required pam_unix.so try_first_pass nullok shadow sha512
password optional pam_permit.so
#-session optional pam_systemd_home.so
session required pam_limits.so
session required pam_unix.so
session optional pam_permit.soI cannot make it to work to mount the first partition because it is always complaining about wrong file system type probably because of the ChromeOS kernel:
Device Start End Sectors Size Type
linux-build/breath.img1 2048 133119 131072 64M ChromeOS kernel
linux-build/breath.img2 133120 25163775 25030656 11,9G Linux file systemLast edited by Peleke (2022-08-25 19:32:32)
Offline
I have the same problem. Main user works, but additional returns "Login incorrect"...
Offline
@Peleke did you try w/o pam_systemd_home.so ?
@lord, "Main user works, but additional returns "Login incorrect"" doesn't suggest you're hitting the same problem.
Feel free to try w/o pam_systemd_home.so, but I'd rather re-check the password (try 12345) and otherwise please produce a complete system journal covering a login failure.
Offline
Pages: 1