Immediate logout after login
I think I have finally found the reason for this problem: after logging in, the system gives the user a non-existent shell: /sbin/nologin. After adding this line:
map passwd loginShell "/bin/bash"
in /etc/nslcd.conf
everything became OK.
toshyak
Updated on September 18, 2022
Comments
-
toshyak over 1 year
I have copied a VM with Red Hat 6.4 in VMware vSphere Client, moved it to another network and changed the configs for connecting to the LDAP servers. And now I have a problem with the login procedure through LDAP. When I try to log in either locally or via ssh, the system immediately logs me out. These are the messages in /var/log/secure when I try to connect via ssh:
Feb 17 13:41:57 %hostname% sshd[1452]: Accepted password for %user_name% from 10.84.176.248 port 30104 ssh2
Feb 17 13:41:57 %hostname% sshd[1452]: pam_unix(sshd:session): session opened for user %user_name% by (uid=0)
Feb 17 13:41:57 %hostname% sshd[1452]: pam_unix(sshd:session): session closed for user %user_name%
So, I know that my system can connect to LDAP (the command id %username% returns a valid answer) and uses PAM for login. Here is my /etc/pam.d/system-auth:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account required pam_permit.so
account required pam_access.so
password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session optional pam_mkhomedir.so
I think that I successfully pass through PAM authorisation, because the very last instruction was executed (the home directory was created). So I think something else is logging me out.
I checked the /etc/passwd file and it looks fine to me:
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
nslcd:x:65:55:LDAP Client User:/:/sbin/nologin
Also, there are no auth restrictions in /etc/security/limits.conf
Any advice would be appreciated. Thank you!
P.S. I have no access to my old VM and cannot check whether it is possible to log in there.
-
Jason Zhu over 10 years
My guess is that you switched networks without updating your /etc/hosts.allow
-
toshyak about 10 years
@JasonZhu No, hosts.allow and hosts.deny are both empty. I'm pretty sure that it is not a network problem.
-
Admin about 10 years
My first step when troubleshooting LDAP auth is to validate time sync. Check that ntpd is running and you're showing a reasonable "date" response. I doubt that's the problem, but it's good to rule it out.
-
toshyak about 10 years
@sallie yes, you are right, there were some problems with time sync, but now I have fixed them and nothing has changed; I still get this problem.
-
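An added example, not part of the original thread: it flags the symptom shown in the question's /var/log/secure excerpt (a pam_unix session opened and closed within seconds for the same sshd PID) and then checks the login shell field of a `getent passwd` line, which is the cause named in the answer. The log lines, user names, function names and the set of non-login shells are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample in the /var/log/secure format quoted in the question
# (host, users, PIDs and the 10.0.0.5 address are made up).
SAMPLE_LOG = """\
Feb 17 13:41:57 host1 sshd[1452]: Accepted password for alice from 10.0.0.5 port 30104 ssh2
Feb 17 13:41:57 host1 sshd[1452]: pam_unix(sshd:session): session opened for user alice by (uid=0)
Feb 17 13:41:57 host1 sshd[1452]: pam_unix(sshd:session): session closed for user alice
Feb 17 13:50:02 host1 sshd[1500]: Accepted password for bob from 10.0.0.5 port 30200 ssh2
Feb 17 13:50:02 host1 sshd[1500]: pam_unix(sshd:session): session opened for user bob by (uid=0)
Feb 17 14:20:31 host1 sshd[1500]: pam_unix(sshd:session): session closed for user bob
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[(?P<pid>\d+)\]: "
    r"pam_unix\(sshd:session\): session (?P<event>opened|closed) for user (?P<user>\S+)")

# Assumed list of shells that end the session immediately.
NON_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

def instant_logouts(log_text, max_seconds=2):
    """Return (user, pid) pairs whose session closed within max_seconds of opening."""
    opened, hits = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # syslog timestamps carry no year; a fixed year is enough for short deltas
        ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
        key = (m["user"], m["pid"])
        if m["event"] == "opened":
            opened[key] = ts
        elif key in opened and (ts - opened.pop(key)).total_seconds() <= max_seconds:
            hits.append(key)
    return hits

def diagnose_shell(passwd_entry):
    """Classify the login shell (7th field) of one `getent passwd USER` line."""
    fields = passwd_entry.strip().split(":")
    if len(fields) != 7:
        return "malformed"
    shell = fields[6] or "/bin/sh"  # an empty shell field means /bin/sh
    return "non-login" if shell in NON_LOGIN_SHELLS else "usable"

if __name__ == "__main__":
    for user, pid in instant_logouts(SAMPLE_LOG):
        print(f"{user} (sshd pid {pid}): session ended immediately, check `getent passwd {user}`")
```

Feed `diagnose_shell` the line that `getent passwd` returns for the affected user, since that is the entry NSS (and therefore nslcd) actually hands to sshd.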