non privileged user sessions close immediately after login.
while hardening a red hat enterprise 5 installation I have done something that causes the sessions of all user accounts except root to close immediately after authentication. in the /var/log/secure log file it will show three log entries per attempt:
<date/time><hostname> login: pam_unix(login:session): session opened for user fred by LOGIN(uid=0)
<date/time><hostname> login: LOGIN ON tty1 BY fred
<date/time><hostname> login: pam_unix(login:session): session closed for user fred
Since I did a number of things and have not been able to identify what caused this I am hoping that someone might have an idea of where I can look for possible culprits.