New install, password resets after login

Hi,

I just did a fresh install and everything appeared to work, was able to boot and log in, however, I noticed that sudo didn’t work (says wrong password). I still have root login enabled and can su into root. If I change the users password from there, sudo temporarily works again. I noticed that if the screen locks, the password doesn’t work either, so I had to reboot and found I couldn’t log in again. I can still log into root and can, again, reset the password and it works. Once. Then I need to reset it again.

I took a look at https://forum.manjaro.org/t/unstable-update-2020-08-22-pamac-mate-1-24-1-gcc-10-2-python-haskell/11233/3 but mine doesn’t contain any entries for tally2 and already had user_readenv set. In fact, my files look identical to these: https://forum.manjaro.org/t/help-with-pam-and-stable-update-2020-08-28/22184/2 (except for the autologin one, which I don’t have, but I didn’t enable autologin).

My pam.d files look exactly like this: https://forum.manjaro.org/t/stable-update-2020-08-28-cant-login-anymore/16287/3 (only difference is I have i3lock installed too) with no .pacnew files and I don’t have a .pam_environment file in my home directory or elsewhere.

I don’t know how to proceed from here.

This is a brand new install, following the instructions on the website using the architect image.

I can’t post links directly, I guess because this is a new forum account, so I quoted them instead.

EDIT: I’ve been poking around some more and it seems I can log in again, multiple times (I rebooted, logged in, rebooted, logged in… 3 times without problem), but sudo does not work. I can’t even get it to work after changing password now :flushed: If I lock the screen with i3lock, I also cannot unlock it again.

I think you have to add your user to the wheel group. How to Add Users on Arch Linux – Linux Hint

My user was added to the wheel group form the start. The user was created by the install system which seems to do this. The very first login, after rebooting from the architect image, sudo worked I believe and then after reboot it doesn’t work. But it’s not just sudo, it’s also screen lock and while logging in seems to be working now, it didn’t work at first (I’m not sure what changed, I need to poke at it more as I get time to try and figure that out)

Make sure you are part of the wheel group by typing the command groups in a terminal, you should see wheel in the output. That’ s as far as my knowledge goes friend.

Passwords don’t (and should not) chance every second and as far I know only after user interference.

What I can think of is:

  1. hardware defect.
    Cannot help with that.

  2. Somehow you corrupted /etc/passwd and/or /etc/shadow
    Become root and back those files up than run pwconv
    check if the files are rebuild.

  3. Somehow your keyboard layout config changes during the session
    try to set it again it and look if it works.
    for instance with " setxkbmap us"

In both cases (2th and 3th) you need to figure out how it could happen.

1 Like

Yeah, which is why this is so baffling.

Unless I’m doing it wrong, this didn’t make any difference. Also, I can consistently log in as root.

This seems like the most likely candidate to me, as I am a colemak user. I did change the keyboard layout to colemak systemwide between when logins didn’t work and when they did, so maybe that’s what fixed logins. I didn’t think so because before, neither typing the password as qwerty or as colemak worked. In any case, I set the layout with localectl set-keymap colemak and localectl set-x11-keymap -layout gb -variant colemak. Changing it to US with setxkbmap us did not make a difference to sudo, however.

Note also that this problem happened consistently: I installed yesterday, was able to log in, found that sudo didn’t work, was not able to log in. Then I simply reinstalled, but the problem happened again so now I’m trying to figure out why. But basically, it happened twice on two fresh reinstalls (same hardware though, if it somehow is a hardware issue. But why is root not affected?)

EDIT: Oh, the one other thing I did that possibly may have fixed logins is that I ran systemctl mask systemd-homed.service as suggested in one of the other forum posts. Either way, it had no impact on lock screen or sudo, but may have fixed the login issue :man_shrugging:

Also, the user does seem to be in the wheel group:

$ id dan
uid=1000(dan) gid=1000(dan) groups=1000(dan),998(wheel),995(audio),993(input),991(lp),988(storage),986(video),3(sys),90(network),98(power)

oke what is the output of

sudo cat /etc/passwd | grep dan

and do you get a output with?

sudo cat /etc/shadow | grep dan

(no need to show it but only if you get an output like dan:$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)

btw seeing groups with “id username” instead of “groups” never thought of that

:thinking:

Thanks for the help, I greatly appreciate it.

Here’s the output (I set my password to “qaz” for testing as those characters are the same in colemak and qwerty, so I don’t mind pasting output of /etc/shadow etc, I’ll change it once the issue is figured out anyway):

~  groups
sys network power docker video storage lp input audio wheel dan
~  sudo cat /etc/passwd | grep dan
[sudo] password for dan: 
Sorry, try again.
[sudo] password for dan: 
sudo: 1 incorrect password attempt
~  su
Password: 
[dan]# sudo cat /etc/passwd | grep dan
dan:x:1000:1000::/home/dan:/usr/bin/zsh
[dan]# cat /etc/shadow | grep dan
dan:$6$EzTckrcIAWEuvlIq$nHqJnvT6vpWfL845vIOtG4u0fqSL.y.yH0GoUJfjO7EjGYTa9gH6L0xsUpylVF5gBSF2sGJFrxna8nKogKinB1:18515:0:99999:7:::
[dan]#

Mhh seems to be oke

I wonder what

passwd -S dan

gives.

It allmost seems as if the password is locked or inactive.

It is to bad I dont know a command that shows the date and time the last change of a password has been done. Day month and year yes but time is essential here I think

[dan]# passwd -S dan
dan P 09/10/2020 0 99999 7 -1

I’m not sure if related, but if I run systemctl start <anything> as dan (not root), then the GUI authentication prompt appears and under the password input it states (10 minutes left to unlock) as if I had entered the password incorrectly a few times and time locked it (I definitely did not, I haven’t touched this laptop between my previous message and now, so in about an hour!) Could it somehow think its timelocked? Maybe that’s preventing me from authenticating with sudo or i3lock?

In fact, I just logged out and now my login screen is telling me “4 minutes left to unlock”.

could be.

pure password related there does not seem to be any issue.

This is my /etc/pam.d/system-auth:

%PAM-1.0

auth       required                    pam_faillock.so      preauth
# Optionally use requisite above if you do not want to prompt for the password
# on locked accounts.
auth       [success=2 default=ignore]  pam_unix.so          try_first_pass nullok
-auth      [success=1 default=ignore]  pam_systemd_home.so
auth       [default=die]               pam_faillock.so      authfail
auth       optional                    pam_permit.so
auth       required                    pam_env.so
auth       required                    pam_faillock.so      authsucc
# If you drop the above call to pam_faillock.so the lock will be done also
# on non-consecutive authentication failures.

-account   [success=1 default=ignore]  pam_systemd_home.so
account    required                    pam_unix.so
account    optional                    pam_permit.so
account    required                    pam_time.so

-password  [success=1 default=ignore]  pam_systemd_home.so
password   required                    pam_unix.so          try_first_pass nullok shadow
password   optional                    pam_permit.so

session    required                    pam_limits.so
session    required                    pam_unix.so
session    optional                    pam_permit.so

I will remove those faillock entries and see what happens…

Unfortunately, removing those entries did not make a difference.

But I made a breakthrough! Not in figuring out how to fix it, but maybe a hint to what is wrong.

I can sudo! And unlock the lock screen! But not with my current password, rather with my previous password. To double check this, I changed my password from “qaz” to “wsx” and now I log in (And use su) with “wsx“, but I can sudo and unlock the lock screen with “qaz”. Strange.

Did you buy your system (or components ) at a Penner and Teller store??
This is totally strange behavior and personally never seen it before.

To tackle password realted things you could try to do the following.

passwd -e dan

this forces to change the password after a reboot.
Reboot

set new password.

and the directly

sudo passwd -n 30 dan

This blocks changing the password for 30 days (you can pick lesser or more days if you want)

Hmm, I tried your suggestion but passwd -e dan did not force a password change. When I ran it, it said “password expiry information changed” but nothing happened after rebooting.

Well, shit. So I eventually gave up on this. Had work to do and couldn’t spend any more time on debugging this, so reinstalled ubuntu (it was a ubuntu dell xps, so shipped with ubuntu) and everything runs fine in that. Still sad I can’t get manjaro working.

Anyway, I updated my old laptop, which has been running Manjaro without issue since January 2019 and after the update it has the same problem! I can log in, I can su to root, but sudo will simply not work… I’ve tried all the previous troubleshooting and everything else I could find on the forums and nothing is working for me. I’m starting to think there’s a deeper problem in a recent update that’s causing this.

Hi!
Did you check if there are some *.pacnew files

I did. There were a few, but they seemed unrelated (eg lightdm) and merging them did not resolve it. I didn’t have any in /etc/pam.d/ or anything like that. If there were some that caused it, then I overlooked them.

But of the two laptops, the first one from last week was a completely clean install, only the old laptop today was an update.

Hello, the same thing happens to me, it is as if the password was changed, although I have configured in my cell the kde connect and unlock screen how to execute order without problem unlocks the session, I have to change the user’s password although I always put the same, the last thing that I try and where I think the problem is going is with the kde wallet.