unable to login to ubuntu mailer server
I have set up a post fix mail server on ubuntu and it's been working for a while without a problem. However, in trying to solve a problem, I installed dtc, dtc-postfix-courier and a few other depend software. When I re-started the server, I was unable to login with my usual login information. I am able to go to recovery mode to change the password but I am still unable to login to the system. Essentially, only root is able to access data on the server. I need help.
|
I am unable to remove dtc completely strangely. If someone can provide me to remove completely, dtc and all dependent software, I believe that could solve my problem.
|
Hi -
1. You can use "apt-get --purge remove XYZ" to remove a package you installed 2. STRONG SUGGESTION: Please focus on the login error FIRST IMHO... |
Quote:
starting domain name server bin9 fail error |
Hi, again -
Q: "Starting domain name server fail" error? Is there any reason you need DNS in the first place? Nevertheless: * "DTC" is the web control panel thingy, right? If you don't need it, and you believe trying to install it started your grief then, by all means, feel free to uninstall it. * The syntax is "apt-get --purge remove XYZ", for any package "XYZ" * If possible, uninstall in the REVERSE order as you installed * If possible, uninstall as FEW packages as possible. In other words, uninstall one package (e.g. dtc-postfix-courier-xyz), reboot, and see if the system is stabile. If it is, then STOP. Otherwise, repeat for the next package (e.g. dtc-xyz) Rinse and repeat :) |
Quote:
ls /home as root |
Hi -
Quote:
Now..... What's the deal with this "can't log in" problem? Q: How are you trying to log in? From the console? From a telnet or ssh session? Q: You say you can log in as "root", but nobody else. Is this correct? Is there any error message when you try to log in as a normal user? Error messages are good :) Please see if you can find one. You can also look at any messages that occur during your login, in /var/log/messages, the "last" command, or "/var/log/audit/audit.log". It's entirely possible that trying to install dtc somehow enabled "SELinux", and SELinux is denying logins. If so, we should see those "access denied" messages in "/var/log/audit/audit.log". Just a thought... |
thanks again. I looked at the auth.log file and it seems to indicate that 'there is no such user'
This is what I am getting: Failed LOGIN(2) on /dev/tty5' for 'raspino', Authentication failure pam_winbind (login:auth): getting password (0x00000388) pam_winbind (login:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR pam error: PAM_USER_UNKNOWN (10), NTSTATUS: NTSTATUS_NO_SUCH_USER |
Cool - thank you!
It looks like installing dtc brought in winbind and/or activated SELinux. It sounds like the next step is to "apt-get purge remove winbind" (be sure to reboot afterwards): http://ubuntuforums.org/archive/inde...t-1604060.html I'm crossing my fingers ;)! |
Quote:
This is what is in the auth.log PAM adding faulty module: /lib/security/pam_winbind.so pam_succeed_if (gdm:auth): requirement "user ingroup no passwdlogin" not met by user 'raspino' |
Sigh...
How about this: 1. Make sure your "normal user" exists and has a valid password: Log in as "root", enter "passwd USERNAME" to insure the correct password is still set Try "su - USERNAME" to see if you can run a shell as that user. 2. Make sure /etc/nsswitch.conf does NOT contain any references to "win_bind": Quote:
Quote:
Toes, too ;) Good luck! |
Quote:
2. Does not contain any win-bind stuff 3. I didn't see SElinux as folder or file. Thanks again for your help... |
Hi, again -
I assume things still aren't working yet. Sorry :( A brief summary: 1. The central problem is that you can't log in as anybody but "root". You believe all this started when you tried installing dtc. I agree. 2. You removed dtc like this: apt-get --purge remove dtc apt-get --purge remove dtc-postfix-courier ... This should have removed the package(s). Unfortunately, the original install "did stuff" that we're still trying to "un-do". The dtc user is one example of something that doesn't "automatically uninstall". It's benign. It looks like "winbind" is something else that it did. 3. You found this error in "/var/log/audit/audit.log": Quote:
Quote:
TODO: * Turn SELinux OFF: vi /etc/selinux/conf: SELINUX=disabled * COMMENT OUT any references to winbind in your name resolution configuration: vi /etc/nsswitch.conf: # /tmp/.winbindd/pipe # /var/run/samba/winbindd_privileged/pipe # /lib/libnss_winbind.so.X # /var/run/samba/winbindd_idmap.tdb # /var/run/samba/winbindd_cache.tdb ... <= COMMENT OUT anything with "winbind" in it! * COMMENT OUT any references to "winbind" or "Active Directory" from your Samba configuration: vi /etc/smb.conf => [global] # security = ads # realm = LAB.EXAMPLE.COM # password server = 10.0.0.1 ... # winbind enum users = yes # winbind enum groups = yes ... # winbind use default domain = yes * RE-INSTALL the Winbind package apt-get install winbind <= I think you need it - we just want to make sure it's DISABLED * Reboot and double-check your configuration <= Make sure /etc/nsswitch.conf, /etc/selinux/conf files are still OK |
the summary is accurate but the only file/folder I don't see is
/etc/selinux/conf: |
Hi -
One more suggestion. Here are the standard /etc/pam.d configuration files for a fresh install of Ubuntu 10.10: Code:
vi /etc/pam.d/gdm: Code:
vi /etc/pam.d/gdm-autologin: Code:
vi /etc/pam.d/login (comments stripped for readability): I don't have an "/etc/selinux/conf" in my new Ubuntu 10.10, either. All I have is an empty "/selinux" root directory. So I guess we can safely assume SELinux isn't an issue ;) |
All times are GMT -5. The time now is 04:49 PM. |