[Freeipa-users] Trying to trace why a user cannot login to a client

Steven Jones Steven.Jones at vuw.ac.nz
Tue May 1 20:40:41 UTC 2012 

Hi,

The sssd log on the client rolled over on the 28th of march and there are no logs since....ie the log is zero length.


regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: Jan Zeleny [jzeleny at redhat.com]
Sent: Tuesday, 1 May 2012 6:43 p.m.
To: freeipa-users at redhat.com
Cc: Steven Jones
Subject: Re: [Freeipa-users] Trying to trace why a user cannot login to a client

Steven Jones <Steven.Jones at vuw.ac.nz> wrote:
> Hi,
>
> I removed jonesst1 from the user group, then jonesst1 cannot login, so
> jonesst1 is using user group and HBAC to login as is thing....put it back
> and jonesst1 works again...
>
> :/
>
> regards
>
> Steven Jones
>
> Technical Specialist - Linux RHCE
>
> Victoria University, Wellington, NZ
>
> 0064 4 463 6272
>
> ________________________________
> From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com]
> on behalf of Steven Jones [Steven.Jones at vuw.ac.nz] Sent: Tuesday, 1 May
> 2012 3:47 p.m.
> Cc: freeipa-users at redhat.com
> Subject: [Freeipa-users] Trying to trace why a user cannot login to a
> client
>
> I have a user jonesst1 which can login to a workstation fine, but a second
> user thing cannot, here is the secure log output,
>
> =========
> May  1 15:45:49 vuwunicorh6ws04 login: pam_unix(login:auth): authentication
> failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=  user=jonesst1
> May  1 15:45:50 vuwunicorh6ws04 login: pam_sss(login:auth): authentication
> success; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=jonesst1
> May  1 15:45:50 vuwunicorh6ws04 login: pam_unix(login:session): session
> opened for user jonesst1 by LOGIN(uid=0) May  1 15:45:50 vuwunicorh6ws04
> login: LOGIN ON tty1 BY jonesst1
> May  1 15:45:52 vuwunicorh6ws04 login: pam_unix(login:session): session
> closed for user jonesst1 May  1 15:45:55 vuwunicorh6ws04 login: PAM unable
> to dlopen(/lib64/security/pam_fprintd.so): /lib64/security/pam_fprintd.so:
> cannot open shared object file: No such file or directory May  1 15:45:55
> vuwunicorh6ws04 login: PAM adding faulty module:
> /lib64/security/pam_fprintd.so May  1 15:46:00 vuwunicorh6ws04 login:
> pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0
> tty=tty1 ruser= rhost=  user=thing May  1 15:46:00 vuwunicorh6ws04 login:
> pam_sss(login:auth): system info: [Decrypt integrity check failed] May  1
> 15:46:00 vuwunicorh6ws04 login: pam_sss(login:auth): authentication
> failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=thing May
> 1 15:46:00 vuwunicorh6ws04 login: pam_sss(login:auth): received for user
> thing: 4 (System error) May  1 15:46:03 vuwunicorh6ws04 login: FAILED
> LOGIN 1 FROM (null) FOR thing, Authentication failure =============

This looks like system error in SSSD, could you please try to reproduce the
issue again and send us SSSD log files with reasonable debug level (let's say
7)?

Thanks
Jan

More information about the Freeipa-users mailing list