[CentOS] Login problem on CentOS 4.4 GDM

Thu May 24 01:49:35 UTC 2007
Jim Perrin <jperrin at gmail.com>

On 5/23/07, Mark Hull-Richter <mhullrich at gmail.com> wrote:
> New scenario, same problem.
>
> Installed 4.4.  Logged in through gdm on console as root.  Created 3
> non-root users.  Ran yum update (578 packages - worked fine).
> Rebooted.

Shouldn't matter, but you should really *never* log into the GUI as
root for a server. I smack my junior admins around verbally when I see
this sort of thing (I should probably really stop watching reruns of
House and Scrubs...)  If you installed enough to get the gui, you
should have also gotten firstboot, which would have prompted you to
create a user. Does this user work? Did you log in with this user
before you logged in with root? (If not, can you try that?)

> Checked permissions on all three users' directories - everything looks fine.
What options are you setting for these users(shell, home directory,
enabled/disabled status etc)?

> Logged out.  Tried to log in as each non-root user - same <10 second
> error / login failure.

This error should tell you that it dropped an error file. Have you
looked at the contents of this file?

> Figured, hmm, maybe I should just delete and recreate the users.
> Fired up the gdm users & groups applet.  Deleted last user.  Fine.
> Deleted next user.  Fine.  Deleted main/first non-root user.  Still
> circling (five minutes now).  Something is definitely awry here.

The gui tools can sometimes hide useful errors. Can you try
adding/removing users from the cli with useradd/userdel?

> Aborted the applet.  Checked /home - all three directories are now
> gone.  Checked /etc/passwd and /etc/shadow - all three users gone.
> Recreated second user.  Paths and passwd/shadow look fine.  Logged
> out.  Attempted login with that user - failed again.

How are you looking at  /etc/passwd and /etc/shadow? If you're opening
them with an editor, you could be inadvertently changing the
permissions.

> Took Jim's advice and ran rpm -Va | grep -v '\.\.\.\.\.\.\.T' and got
> a whole long list of discrepancies, but nothing that looks too
> suspicious except /etc/sysconfig/system-config-users has ..5....T.

This tells you that the md5sum has changed, and that the modify time
has changed. Unless you were changing some values there, this
shouldn't be the case. I don't use the gui user applet you're refering
to, but I can't imagine that it would modify this file. At least not
for any sane reason.

> WTF?
I'd say try again with CLI tools to rule out any gui foolishness, and
try logging in with the user you create at firstboot rather than
logging in with root.

-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell