[Freeipa-users] Cannot login after patching on LXC Container
Lukas Slebodnik
lslebodn at redhat.com
Tue Feb 14 14:55:00 UTC 2017
On (14/02/17 13:00), Nuno Higgs wrote:
>Hello All,
>
>
>
>I have a LXC container running Centos7, fully patched that i can't login
>into in a standard IPA usage configuration:
>
>
>Feb 13 19:42:07 lxc1 sshd[1536]: pam_sss(sshd:account): Access denied for
>user nuno 4 (System error)
>
System error means unexpected state for sssd.
I would recommend to follow sssd troubleshooting wiki
https://fedorahosted.org/sssd/wiki/Troubleshooting#TroubleshootingAuthenticationPasswordChangeandAccessControl
>Feb 13 19:42:07 lxc1 sshd[1536]: Failed password for nuno from 172.16.0.10
>port 54461 ssh2
>
>Feb 13 19:42:07 lxc1 sshd[1536]: fatal: Access denied for user nuno by PAM
>account configuration [preauth]
>
>Feb 13 19:43:42 lxc1 sshd[1553]: Connection closed by 172.16.3.253 [preauth]
>
>Feb 13 19:53:04 lxc1 sshd[1635]: pam_sss(sshd:auth): authentication success;
>logname= uid=0 euid=0 tty=ssh ruser= rhost=172.16.3.253 user=nuno
>
>Feb 13 19:53:04 lxc1 sshd[1632]: error: PAM: User account has expired for
>nuno from 172.16.3.253
>
This error is little bit later but I think it is clear enough.
The account is expired.
LS
More information about the Freeipa-users
mailing list