[Freeipa-users] Authenticate on GNOME display manager with freeipa
tuxderlinuxfuchs77 at gmail.com
tuxderlinuxfuchs77 at gmail.com
Fri May 12 09:25:04 UTC 2017
Thanks!
I followed this manual:
https://help.ubuntu.com/lts/serverguide/sssd-ad.html#sssd-ad-mkhomedir
added the line
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
to the file /etc/pam.d/common-session (find attached)
On 12-May-17 8:29 AM, Sumit Bose wrote:
> On Fri, May 12, 2017 at 12:50:08AM +0200, tuxderlinuxfuchs77 at gmail.com wrote:
>> I have attached the syslog with gdm debug mode enabled
>>
>>
>> On 11-May-17 1:54 PM, Sumit Bose wrote:
>>> On Thu, May 11, 2017 at 01:29:33PM +0200, tuxderlinuxfuchs77 at gmail.com wrote:
>>>> Hello,
>>>>
>>>> I have attached the requested files.
>>> The logs indicate that access was granted by SSSD and that gdm even
>>> called pam_open_session.
>>>
>>> Did gdm login worked with the 'allow all' rule? Are there any other
>>> hints in the system or gdm logs with gdm might have failed?
>>>
>>> bye,
>>> Sumit
>>>
>>>> Thanks in advance!
>>>>
>>>> On 10-May-17 9:42 PM, Sumit Bose wrote:
>>>>> On Tue, May 09, 2017 at 11:12:13PM +0200, tuxderlinuxfuchs77 at gmail.com wrote:
>>>>>> Hello everyone,
>>>>>>
>>>>>> I set up my freeIPA instance and it works very well for my client
>>>>>> computers (Ubuntu Desktop 16.04.2 LTS), I can login via SSH using a
>>>>>> freeIPA managed user account.
>>>>>>
>>>>>> My own HBAC rule also works for that. I disabled the "allow all" rule
>>>>>> and created my own one. Works fine for SSH.
>>>>>>
>>>>>> But I cannot login to the GNOME 3 Desktop on the client. I used the
>>>>>> netinstall ISO image of Ubuntu. During installation, I have chose
>>>>>> "Ubuntu GNOME Desktop" as the only desktop.
>>>>>>
>>>>>> So my display manager is gdm3.
>>>>>>
>>>>>> I added the "gdm" and "gdm-password" services to my HBAC rule. To be on
>>>>>> the safe side, I rebooted the client machine. But I still can't login to
>>>>>> the GNOME Desktop with an account that can login via SSH.
>>>>>>
>>>>>> So the services in my rule are
>>>>>>
>>>>>> login, gdm, gdm-password
>>>>>>
>>>>>> If you need any logs or other information, I will provide them.
>>>>> Please send sssd_pam.log and sssd_domain.name.log with debug_level=10 in
>>>>> the [pam] and [domain/...] section of sssd.conf.
>>>>>
>>>>> bye,
>>>>> Sumit
>>>>>
>>>>>> Thanks in advance!
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Manage your subscription for the Freeipa-users mailing list:
>>>>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>>>>> Go to http://freeipa.org for more info on the project
> ....
>> May 11 23:41:55 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) This device may have been added with another device file.
>> May 11 23:41:55 ubugdm gdm-x-session: Running session message bus
>> May 11 23:41:55 ubugdm gdm3: GdmManager: trying to register new display
>> May 11 23:41:55 ubugdm gdm3: GdmSession: Setting display device: /dev/tty2
>> May 11 23:41:55 ubugdm gdm3: using ut_user vmuser1
>> May 11 23:41:55 ubugdm gdm3: Writing login record
>> May 11 23:41:55 ubugdm gdm3: using ut_type USER_PROCESS
>> May 11 23:41:55 ubugdm gdm3: using ut_tv time 1494538915
>> May 11 23:41:55 ubugdm gdm3: using ut_pid 1741
>> May 11 23:41:55 ubugdm gdm3: using ut_host :1
>> May 11 23:41:55 ubugdm gdm3: using ut_line tty2
>> May 11 23:41:55 ubugdm gdm3: Writing wtmp session record to /var/log/wtmp
>> May 11 23:41:55 ubugdm gdm3: Adding or updating utmp record for login
>> May 11 23:41:55 ubugdm gdm3: GdmLocalDisplayFactory: display status changed: 2
>> May 11 23:41:55 ubugdm gdm-x-session: Running X session
>> May 11 23:41:55 ubugdm gdm-x-session: Trying script /etc/gdm3/Prime/:1
>> May 11 23:41:55 ubugdm gdm-x-session: script /etc/gdm3/Prime/:1 not found; skipping
>> May 11 23:41:55 ubugdm gdm-x-session: Trying script /etc/gdm3/Prime/Default
>> May 11 23:41:55 ubugdm gdm-x-session: Running process: /etc/gdm3/Prime/Default
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: DISPLAY=:1
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: SHELL=/bin/sh
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: XAUTHORITY=/run/user/126400004/gdm/Xauthority
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: RUNNING_UNDER_GDM=true
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: HOME=/
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: PWD=/
>> May 11 23:41:55 ubugdm gdm-x-session: GdmSlave: script environment: PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
>> May 11 23:41:55 ubugdm gdm-x-session: Process exit status: 0
>> May 11 23:41:55 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: /etc/gdm3/Xsession: Beginning session setup...
>> May 11 23:41:55 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: /etc/gdm3/Xsession: line 41: /dev/stderr: No such device or address
>> May 11 23:41:55 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: localuser:vmuser1 being added to access control list
>> May 11 23:41:55 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: localuser:vmuser1 being added to access control list
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Desktop
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Downloads
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Templates
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Public
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Documents
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Music
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Pictures
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Can't create dir /home/vmuser1/Videos
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: openConnection: connect: No such file or directory
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: cannot connect to brltty at :0
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: systemd --user not found, ignoring --systemd argument
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting CLUTTER_IM_MODULE=xim
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting SHELL=/bin/sh
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting QT_LINUX_ACCESSIBILITY_ALWAYS_ON=1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting USER=vmuser1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting QT_ACCESSIBILITY=1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting DEFAULTS_PATH=/usr/share/gconf/gnome.default.path
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting USERNAME=vmuser1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XDG_CONFIG_DIRS=/etc/xdg/xdg-gnome:/etc/xdg
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting DESKTOP_SESSION=gnome
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting QT_IM_MODULE=ibus
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting PWD=/
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XDG_SESSION_TYPE=x11
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XMODIFIERS=@im=ibus
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting LANG=en_US.UTF-8
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting MANDATORY_PATH=/usr/share/gconf/gnome.mandatory.path
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting IM_CONFIG_PHASE=1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting GDMSESSION=gnome
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting KRB5CCNAME=KEYRING:persistent:126400004
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting SHLVL=1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting HOME=/home/vmuser1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XDG_SESSION_DESKTOP=gnome
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting LOGNAME=vmuser1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting QT4_IM_MODULE=xim
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XDG_DATA_DIRS=/usr/share/gnome:/usr/local/share/:/usr/share/:/var/lib/snapd/desktop
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-sIl0NbD3YZ,guid=ce7f419f97490ed005e5a7275914daa3
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting WINDOWPATH=2
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting DISPLAY=:1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XDG_RUNTIME_DIR=/run/user/126400004
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting GTK_IM_MODULE=ibus
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XDG_CURRENT_DESKTOP=GNOME
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting XAUTHORITY=/run/user/126400004/gdm/Xauthority
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: dbus-update-activation-environment: setting _=/usr/bin/dbus-update-activation-environment
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Activating service name='org.a11y.Bus'
>> May 11 23:41:56 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sending user-changed signal for user user
>> May 11 23:41:56 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sent user-changed signal for user user
>> May 11 23:41:56 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: updating user user
>> May 11 23:41:56 ubugdm gdm-password]: AccountsService: ActUserManager: sending user-changed signal for user user
>> May 11 23:41:56 ubugdm gdm-password]: AccountsService: ActUserManager: sent user-changed signal for user user
>> May 11 23:41:56 ubugdm gdm-password]: AccountsService: ActUserManager: updating user user
>> May 11 23:41:56 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sending user-changed signal for user vmuser1
>> May 11 23:41:56 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sent user-changed signal for user vmuser1
>> May 11 23:41:56 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: updating user vmuser1
>> May 11 23:41:56 ubugdm gdm-password]: AccountsService: ActUserManager: sending user-changed signal for user vmuser1
>> May 11 23:41:56 ubugdm gdm-password]: AccountsService: ActUserManager: sent user-changed signal for user vmuser1
>> May 11 23:41:56 ubugdm gdm-password]: AccountsService: ActUserManager: updating user vmuser1
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Successfully activated service 'org.a11y.Bus'
>> May 11 23:41:56 ubugdm org.a11y.Bus[1748]: ** (process:1839): WARNING **: Failed to register client: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
>> May 11 23:41:56 ubugdm org.a11y.Bus[1748]: Activating service name='org.a11y.atspi.Registry'
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Activating service name='org.gtk.vfs.Daemon'
>> May 11 23:41:56 ubugdm org.a11y.Bus[1748]: Successfully activated service 'org.a11y.atspi.Registry'
>> May 11 23:41:56 ubugdm org.a11y.atspi.Registry[1845]: SpiRegistry daemon is running with well-known name - org.a11y.atspi.Registry
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: Successfully activated service 'org.gtk.vfs.Daemon'
>> May 11 23:41:56 ubugdm gnome-session[1751]: gnome-session-is-accelerated: llvmpipe detected.
>> May 11 23:41:56 ubugdm gnome-session[1751]: gnome-session-binary[1751]: WARNING: IceLockAuthFile failed: No such file or directory
>> May 11 23:41:56 ubugdm gnome-session-binary[1751]: WARNING: IceLockAuthFile failed: No such file or directory
> ^^^^^^^^^^^^^^^^^^^^^^^^^
>
> Does the user have a home directory and permissions to write into it?
> Maybe you have to add pam_oddjob_mkhomedir.so or similar to your PAM
> configuration to create it automatically?
>
> HTH
>
> bye,
> Sumit
>
>> May 11 23:41:56 ubugdm gdm-x-session: session exited with status 1
>> May 11 23:41:56 ubugdm org.a11y.atspi.Registry[1845]: XIO: fatal IO error 11 (Resource temporarily unavailable) on X server ":1"
>> May 11 23:41:56 ubugdm org.a11y.atspi.Registry[1845]: after 21 requests (21 known processed) with 0 events remaining.
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) evdev: TPPS/2 IBM TrackPoint: Close
>> May 11 23:41:56 ubugdm org.gtk.vfs.Daemon[1748]: A connection to the bus can't be made
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) UnloadModule: "evdev"
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) systemd-logind: releasing fd for 13:67
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) evdev: AT Translated Set 2 keyboard: Close
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) UnloadModule: "evdev"
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) systemd-logind: releasing fd for 13:65
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) evdev: AT Translated Set 2 keyboard: Close
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) UnloadModule: "evdev"
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) systemd-logind: releasing fd for 13:68
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) evdev: Power Button: Close
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) UnloadModule: "evdev"
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) systemd-logind: releasing fd for 13:64
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) evdev: Microsoft Vmbus HID-compliant Mouse: Close
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) UnloadModule: "evdev"
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) systemd-logind: releasing fd for 13:66
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1741]: (II) Server terminated successfully (0). Closing log file.
>> May 11 23:41:56 ubugdm gdm-password]: GdmSessionWorker: child (pid:1741) done (status:1)
>> May 11 23:41:56 ubugdm gdm-password]: GdmSessionWorker: uninitializing PAM
>> May 11 23:41:56 ubugdm gdm-password]: GdmSessionWorker: jumping to VT 7
>> May 11 23:41:56 ubugdm gdm-password]: GdmSessionWorker: couldn't finalize jump to VT 7: Interrupted system call
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: gnome-session-binary[1204]: DEBUG(+): emitting SessionIsActive
>> May 11 23:41:56 ubugdm gdm-password]: GdmSessionWorker: state NONE
>> May 11 23:41:56 ubugdm gnome-session-binary[1204]: DEBUG(+): emitting SessionIsActive
>> May 11 23:41:56 ubugdm gdm3: GdmSession: Emitting 'session-exited' signal with exit code '1'
>> May 11 23:41:56 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got resume for 13:68
>> May 11 23:41:56 ubugdm gdm3: GdmManager: session exited with status 1
>> May 11 23:41:57 ubugdm gdm3: Writing logout record
>> May 11 23:41:57 ubugdm gdm3: using ut_type DEAD_PROCESS
>> May 11 23:41:57 ubugdm gdm3: using ut_tv time 1494538917
>> May 11 23:41:57 ubugdm gdm3: using ut_pid 1741
>> May 11 23:41:57 ubugdm gdm3: using ut_host :1
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (gnome-settings-daemon:1225): color-plugin-WARNING **: unable to get EDID for xrandr-default: unable to get EDID for output
>> May 11 23:41:57 ubugdm gdm3: using ut_line tty2
>> May 11 23:41:57 ubugdm gdm3: Writing wtmp logout record to /var/log/wtmp
>> May 11 23:41:57 ubugdm gdm-password]: Trying script /etc/gdm3/PostSession
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (WW) FBDEV(0): FBIOPAN_DISPLAY: Invalid argument
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got resume for 13:67
>> May 11 23:41:57 ubugdm gdm-password]: script /etc/gdm3/PostSession not found; skipping
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got resume for 13:66
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got resume for 13:65
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got resume for 13:64
>> May 11 23:41:57 ubugdm gdm-password]: Trying script /etc/gdm3/PostSession/Default
>> May 11 23:41:57 ubugdm gdm-password]: Running process: /etc/gdm3/PostSession/Default
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: DISPLAY=
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: HOME=/home/vmuser1
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: RUNNING_UNDER_GDM=true
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: LOGNAME=vmuser1
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: XAUTHORITY=
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: USERNAME=vmuser1
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: PWD=/home/vmuser1
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: USER=vmuser1
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: SHELL=/bin/sh
>> May 11 23:41:57 ubugdm gdm-password]: GdmSlave: script environment: PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
>> May 11 23:41:57 ubugdm gdm3: Adding or updating utmp record for logout
>> May 11 23:41:57 ubugdm gdm3: GdmDisplay: unmanage display
>> May 11 23:41:57 ubugdm gdm3: GdmDisplay: display lasted 1.615491 seconds
>> May 11 23:41:57 ubugdm gdm3: GdmLocalDisplayFactory: display status changed: 4
>> May 11 23:41:57 ubugdm gdm3: GdmDisplayStore: Unreffing display: 0x9eb8868
>> May 11 23:41:57 ubugdm gdm3: GdmLocalDisplayFactory: display status changed: 3
>> May 11 23:41:57 ubugdm gdm3: GdmDisplay: finish display
>> May 11 23:41:57 ubugdm gdm3: GdmSession: Closing session
>> May 11 23:41:57 ubugdm gdm3: GdmSession: Stopping all conversations
>> May 11 23:41:57 ubugdm gdm3: GdmSessionWorkerJob: Stopping job pid:1731
>> May 11 23:41:57 ubugdm gdm3: GdmCommon: sending signal 15 to process 1731
>> May 11 23:41:57 ubugdm gdm3: GdmSessionWorkerJob: Waiting on process 1731
>> May 11 23:41:57 ubugdm gdm-password]: Process exit status: 0
>> May 11 23:41:57 ubugdm gdm-password]: Worker finished
>> May 11 23:41:57 ubugdm gdm3: GdmCommon: process (pid:1731) done (status:0)
>> May 11 23:41:57 ubugdm gdm3: GdmSessionWorkerJob: SessionWorkerJob died
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: The XKEYBOARD keymap compiler (xkbcomp) reports:
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: > Warning: Type "ONE_LEVEL" has 1 levels, but <RALT> has 2 symbols
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: > Ignoring extra symbols
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: Errors from xkbcomp are not fatal to the X server
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: The XKEYBOARD keymap compiler (xkbcomp) reports:
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: > Warning: Type "ONE_LEVEL" has 1 levels, but <RALT> has 2 symbols
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: > Ignoring extra symbols
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: Errors from xkbcomp are not fatal to the X server
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: The XKEYBOARD keymap compiler (xkbcomp) reports:
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: > Warning: Type "ONE_LEVEL" has 1 levels, but <RALT> has 2 symbols
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: > Ignoring extra symbols
>> May 11 23:41:57 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: Errors from xkbcomp are not fatal to the X server
>> May 11 23:41:57 ubugdm gdm3: GdmManager: trying to open new session
>> May 11 23:41:57 ubugdm gdm3: GdmDBusServer: new connection 0x9e9bad8
>> May 11 23:41:57 ubugdm gdm3: GdmSession: Handling new connection from outside
>> May 11 23:41:57 ubugdm gdm3: GdmManager: client connected
>> May 11 23:41:57 ubugdm gdm3: GdmDisplay: Got timed login details for display: 0
>> May 11 23:41:57 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sending user-changed signal for user user
>> May 11 23:41:57 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sent user-changed signal for user user
>> May 11 23:41:57 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: updating user user
>> May 11 23:41:57 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sending user-changed signal for user vmuser1
>> May 11 23:41:57 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: sent user-changed signal for user vmuser1
>> May 11 23:41:57 ubugdm gdm-launch-environment]: AccountsService: ActUserManager: updating user vmuser1
>> May 11 23:41:59 ubugdm systemd[1]: Time has been changed
>> May 11 23:41:59 ubugdm systemd[1]: snapd.refresh.timer: Adding 5h 14min 24.101040s random time.
>> May 11 23:41:59 ubugdm systemd[1]: snapd.refresh.timer: Adding 1h 49min 37.111737s random time.
>> May 11 23:41:59 ubugdm systemd[1]: apt-daily.timer: Adding 41min 17.722076s random time.
>> May 11 23:41:59 ubugdm systemd[1387]: Time has been changed
>> May 11 23:41:59 ubugdm systemd[1189]: Time has been changed
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: gnome-session-binary[1204]: DEBUG(+): emitting SessionIsActive
>> May 11 23:42:00 ubugdm gnome-session-binary[1204]: DEBUG(+): emitting SessionIsActive
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (gnome-shell:1243): Clutter-CRITICAL **: clutter_input_device_get_device_id: assertion 'CLUTTER_IS_INPUT_DEVICE (device)' failed
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (gnome-shell:1243): Clutter-CRITICAL **: clutter_input_device_get_device_id: assertion 'CLUTTER_IS_INPUT_DEVICE (device)' failed
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got pause for 13:68
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got pause for 13:67
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got pause for 13:66
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got pause for 13:65
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (II) systemd-logind: got pause for 13:64
>> May 11 23:42:00 ubugdm /usr/lib/gdm3/gdm-x-session[1194]: (gnome-shell:1243): Clutter-CRITICAL **: clutter_input_device_get_device_id: assertion 'CLUTTER_IS_INPUT_DEVICE (device)' failed
>> May 11 23:42:04 ubugdm systemd[1189]: Time has been changed
>> May 11 23:42:04 ubugdm systemd[1387]: Time has been changed
>> May 11 23:42:04 ubugdm systemd[1]: Time has been changed
>> May 11 23:42:04 ubugdm systemd[1]: snapd.refresh.timer: Adding 1h 1min 38.593189s random time.
>> May 11 23:42:04 ubugdm systemd[1]: snapd.refresh.timer: Adding 5h 41min 21.874821s random time.
>> May 11 23:42:04 ubugdm systemd[1]: apt-daily.timer: Adding 5h 39min 55.997378s random time.
>> May 11 23:42:09 ubugdm systemd[1]: Time has been changed
>> May 11 23:42:09 ubugdm systemd[1]: snapd.refresh.timer: Adding 2h 33min 11.994432s random time.
>> May 11 23:42:09 ubugdm systemd[1]: snapd.refresh.timer: Adding 4h 23min 50.841896s random time.
>> May 11 23:42:09 ubugdm systemd[1]: apt-daily.timer: Adding 3h 23min 33.465902s random time.
>> May 11 23:42:09 ubugdm systemd[1387]: Time has been changed
>> May 11 23:42:09 ubugdm systemd[1189]: Time has been changed
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170512/ca488082/attachment.htm>
-------------- next part --------------
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
# here are the per-package modules (the "Primary" block)
session [default=1] pam_permit.so
# here's the fallback if no module succeeds
session requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required pam_permit.so
# The pam_umask module will set the umask according to the system default in
# /etc/login.defs and user settings, solving the problem of different
# umask settings with different shells, display managers, remote sessions etc.
# See "man pam_umask".
session optional pam_umask.so
# and here are more per-package modules (the "Additional" block)
session required pam_unix.so
#####################################################################################
#Added the line below
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional pam_sss.so
session optional pam_systemd.so
session optional pam_ecryptfs.so unwrap
# end of pam-auth-update config
More information about the Freeipa-users
mailing list