[Stable Update] 2020-08-28 - Can't login anymore

Hi,

Since the last Stable Update, I can’t login anymore.
However, I checked *.pacnew files with the following command:

sudo DIFFPROG=meld pacdiff

No files related to pam or pambase were prompted.
Since reboot, I can’t login anymore (only as root) and the service status is:

● user@1000.service - User Manager for UID 1000
     Loaded: loaded (/usr/lib/systemd/system/user@.service; static)
     Active: failed (Result: exit-code) since Fri 2020-08-28 13:37:13 CEST; 9min ago
       Docs: man:user@.service(5)
    Process: 1002 ExecStart=/usr/lib/systemd/systemd --user (code=exited, status=224/PAM)
   Main PID: 1002 (code=exited, status=224/PAM)

août 28 13:37:13 manjaro systemd[1]: Starting User Manager for UID 1000...
août 28 13:37:13 manjaro systemd[1002]: pam_systemd_home(systemd-user:account): systemd-homed is not available: Unit dbus-org.freedesktop.home1.service not found.
août 28 13:37:13 manjaro systemd[1002]: pam_warn(systemd-user:setcred): function=[pam_sm_setcred] flags=0x8002 service=[systemd-user] terminal=[] user=[**********] ruser=[<unknown>] rhost=[>
août 28 13:37:13 manjaro systemd[1002]: pam_unix(systemd-user:session): session opened for user **********(uid=1000) by (uid=0)
août 28 13:37:13 manjaro systemd[1002]: PAM failed: Critical error - immediate abort
août 28 13:37:13 manjaro systemd[1002]: user@1000.service: Failed to set up PAM session: Operation not permitted
août 28 13:37:13 manjaro systemd[1002]: user@1000.service: Failed at step PAM spawning /usr/lib/systemd/systemd: Operation not permitted
août 28 13:37:13 manjaro systemd[1]: user@1000.service: Main process exited, code=exited, status=224/PAM
août 28 13:37:13 manjaro systemd[1]: user@1000.service: Failed with result 'exit-code'.
août 28 13:37:13 manjaro systemd[1]: Failed to start User Manager for UID 1000.

Well, that certainly looks like an issue with PAM; I am surprised that there is not a pacnew file, though.

Do you have a system-login.pacnew file? That is the file that would be giving you problems.

1 Like

Thanks for the reply.

grep -E "pam_tally|pam_cracklib" /etc/pam.d/*
/etc/pam.d/passwd:#password	required	pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3

Content of the file /etc/pam.d/passwd:

#%PAM-1.0
#password       required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
#password       required        pam_unix.so sha512 shadow use_authtok
password        required        pam_unix.so sha512 shadow nullok

Content of /etc/pam.d/ folder:

[manjaro pam.d]# ls -la
total 172
drwxr-xr-x   2 root root  4096 28 août  14:05 .
drwxr-xr-x 103 root root 12288 28 août  14:06 ..
-rw-r--r--   1 root root   160 15 juil. 22:15 chage
-rw-r--r--   1 root root   160 20 août  10:11 chfn
-rw-r--r--   1 root root   103 15 juil. 22:15 chgpasswd
-rw-r--r--   1 root root   174 15 juil. 22:15 chpasswd
-rw-r--r--   1 root root   160 20 août  10:11 chsh
-rw-r--r--   1 root root   281 31 oct.   2019 crond
-rw-r--r--   1 root root    87 23 août  11:30 cups
-rw-r--r--   1 root root   160 15 juil. 22:15 groupadd
-rw-r--r--   1 root root   160 15 juil. 22:15 groupdel
-rw-r--r--   1 root root   103 15 juil. 22:15 groupmems
-rw-r--r--   1 root root   160 15 juil. 22:15 groupmod
-rw-r--r--   1 root root   259 14 août  14:54 lightdm
-rw-r--r--   1 root root   555 14 août  14:54 lightdm-autologin
-rw-r--r--   1 root root   409 14 août  14:54 lightdm-greeter
-rw-r--r--   1 root root   220 20 août  10:11 login
-rw-r--r--   1 root root   174 15 juil. 22:15 newusers
-rw-r--r--   1 root root   274 12 août  21:34 other
-rw-r--r--   1 root root   198 15 juil. 22:15 passwd
-rw-r--r--   1 root root   155 30 avril 22:43 polkit-1
-rw-r--r--   1 root root   500 13 nov.   2019 rlogin
-rw-r--r--   1 root root   425 13 nov.   2019 rsh
-rw-r--r--   1 root root    76 20 août  10:11 runuser
-rw-r--r--   1 root root    76 20 août  10:11 runuser-l
-rw-r--r--   1 root root    87 11 juin  20:21 samba
-rw-r--r--   1 root root   160 15 juil. 22:15 shadow
-rw-r--r--   1 root root   232 16 juil. 22:16 sshd
-rw-r--r--   1 root root   366 20 août  10:11 su
-rw-r--r--   1 root root    97 22 juil. 16:15 sudo
-rw-r--r--   1 root root   366 20 août  10:11 su-l
-rw-r--r--   1 root root  1258 12 août  21:34 system-auth
-rw-r--r--   1 root root   131 26 août  23:42 systemd-user
-rw-r--r--   1 root root   143 12 août  21:34 system-local-login
-rw-r--r--   1 root root   621 12 août  21:34 system-login
-rw-r--r--   1 root root   143 12 août  21:34 system-remote-login
-rw-r--r--   1 root root   260 12 août  21:34 system-services
-rw-r--r--   1 root root   160 15 juil. 22:15 useradd
-rw-r--r--   1 root root   160 15 juil. 22:15 userdel
-rw-r--r--   1 root root   160 15 juil. 22:15 usermod
-rw-r--r--   1 root root   124 14 août  14:24 vlock

I am at a loss; if the /etc/pam.d/system-login file doesn’t containg lines related to pam_tally, pam-tally2, and pam_cracklib then I’m sorry to say that don’t know what the issue is.

Just an idea - you didn’t happen to overwrite your sudoers file with sudoers.pacnew by any chance, did you?

No sudoers.pacnew file during this update and I started the update using pamac upgrade as a standard user.

Hopefully someone will come along who can help you out here, as I am out of ideas. Sorry. :worried:

No problem, thanks for helping :slightly_smiling_face:

1 Like

I updated as well, but no problems with login and I didn’t received /etc/pam.d/system-login.pacnew.

Yeah: is the same for me, and as I’ve said, no issues occurred: all is fine.
However I am puzzled about the fact that, as indicated in the announcement discussion, we have should expected system-login.pacnew.

1 Like

You would only get the pacnew file if your system-login file had been modified from the original; if there had been no modifications made, then instead of a pacnew file, the old file simply gets overwritten with the new one. That’s what happened with you - your system-login file had never been modified…

I had no problems (nor system-login.pacnew files) on any of my systems, and I have quite a few.

3 Likes

Ok it appears that a file named .pam_environment was present under my home directory.
I deleted this file and login is now successful.

3 Likes

Thankyou :slightly_smiling_face:

I had exactly the same problem and this fixed it!

I was using this file to store gPodder environment variables.
I switched to ~/.profile.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.