Unable to login in redhat9 after upgrading from Redhat7.3
I have REDHAT 7.3 system. Recently UPGRADED to REDHAT9. After upgrade REDHAT9 is not allowing to login. Unable to login as ROOT or any other user. I don't have any option here.. otherthan Reboot & Shutdown.
Booted system in Single and Emergency mode.
In single mode changed the root password and tryed to login as root by using LOGIN command It's giving following error
login(pam_unix)[262[:session opened for user root by (uid=0)
login:pam_krb5:Configuration file does not specify default realm building user principal for 'root'
I tryed to login as guest user. Getting same above error.
In Emergecny mode it accepts ROOT passwd . But same password is not accepting in normal boot.
It's not givning any errors like Invalid password or any other password. After entering user name ROOT and password , the screen again comes back to Login Prompt with no errors. In case if i type wrong pasword then it's giving error " invalid password , Login incorrect " messages.
I found one solution on Redhat Support . As per that i removed .LOCK files from /etc. Still same problem
Anyone can help me pls.
boot again into single mode and run this:
on the inital screen, make sure that
- no entries are marked (unless you know what it'll do)
hit next. then on the ff screen, mark:
- Use Shadow Passwords
- Use MD5 Passwords
and leave the other two unmarked. Then hit OK. The two above options are the default in Red Hat.
change your password (to b sure that you did not forget it) and exit from single/rescue mode.
then try logging in.
Very Much thanx for info. I did it with authconfig. It's working fine.
Can you kindly let me know why it happend. I think by default it should be able to set the min. required parameteres.
While upgrading it didn't ask any more question. I selected Upgrade GRUB option.
After upgrading GRUB window shows following 4 kernels. As per Redhat doc. it creates Redhat linux & Redhat linux SMP for Pentium IV systems. But here it created additional 2 more kernels. Below r kernel names
Redhat Linux (2.4.20-8smp)
Redhat Linux (2.4.20-8)
Redhat Linux (2.4.20-8bigmem)
Redhat Linix (2.4.20-8BOOT)
Kindly let me know about it
Thanx once again
Authconfig is slightly broken; if you select Kerberos or LDAP authentication (you selected Kerberos, perhaps by accident) at installation and those services are not available, then you can't log in regardless of the settings in nsswitch.conf.
The bug's documented in Red Hat's Bugzilla, and the guy responsible for fixing it is Nalin Dayabhai. It's been unfixed for a long time now...........
You can hand-edit the /etc/pam.d/system-auth file to get more sane behaviour, but if you run authconfig afterwards it'll overwrite your changes.
I have deleted authconfig from all corporate systems because of this problem. I hand-edit everything instead, so that I can still log in as root even if an LDAP server is not reachable.
I have a question about your system-auth file. Could you look at my file and tell me how I can get it to log in as root if I cannot contact an LDAP server?
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/$ISA/pam_ldap.so
password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_ldap.so
I am running RedHat Linux 9.0
On the second "account" line (the complicated one) add the phrase "authinfo_unavail=ignore" and you'll be OK.
account [default=bad success=ok authinfo_unavail=ignore user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/$ISA/pam_ldap.so
That's the authconfig bug - if you run authconfig again it will overwrite this setting (so, I remove authconfig, personally).
This bug exists in Red Hat 7 through 9. It's pretty severe; if the local ldap daemons fail you can't recover without booting single-user mode. Apparently RH don't feel it's important enough to fix, though...
thanks for the info Medievalist. That worked like a charm!
|All times are GMT -5. The time now is 12:17 AM.|