.Xauthority issue- users cannot log in if they have a home directory
Hello:
I am running Ubuntu 16.04.4 LTS and using LXDM as a Display Manager.
As soon as I create a home directory for a user, they cannot log in via the GUI. The password is accepted, but logins are spit right back to the greeter screen. The same user can log in via terminal or ssh with no issues. Looking at auth.log I see the entry:
session opened for user LogAdmin by (uid=0)
Nov 17 01:03:33 MECKSYSLOG lxdm-session: pam_unix(lxdm:session): session opened for user LogAdmin by (uid=0)
Nov 17 01:03:33 MECKSYSLOG lxdm-session: pam_systemd(lxdm:session): Cannot create session: Already running in a session
Nov 17 01:03:33 MECKSYSLOG lxdm-session: pam_unix(lxdm:session): session closed for user LogAdmin .
If I remove the user's home directory, they can log in without issue. I suspect it's the .Xauthority "cookie" that is causing my issue. I have tried reboots, creating new users, etc, but the consistent issue is that as soon as the user has a home directory, the .Xauthority file goes in there and the user cannot log in.
Any help is appreciated!!
Thanks for your replies (both)
I am in an environment where I have to add some users with shell scripts and there are some custom perms required, so it is unfortunate that I can't use all the built-in Ubuntu methods. Thank you for that advice...
I have gotten a bit further and I have now discovered that my users have to be a member of the "root" group in order to log in (to the desktop, all users can log in fine to a terminal).
I tried changing the permissions on the home directory to user:user, and when that didn't work changed perms on all files and directories inside the homedir to user:user. No change to the original problem.
What DID work was adding the user to the root group. Invariably, if I add a user to the root group, they can log in (whether they have a home dir or not). I notice that the .Xauthority cookie gets created when they log in and is assigned the correct permissions (user:user) in the home directory.
So, I imagine that users which are not members of the root group are lacking privileges to a file somewhere which they need to be able to access in order to log in. Still looking for that file.
That does not make any sense at all; no one but root should be in the root group.
Ask yourself: how are others logging into ttys while not being in the root group?
If I set up my laptop to log in using two ttys and GUI for both, if memory serves me right, I can switch ttys, log in as someone else and start a desktop without issues. Sorry, I do not know all of the nooks and crannies of how this works. But having to put each user in the root group just does not sound correct to me, but I could be wrong.
Well,
Thanks VERY much for your help. The bottom line was that inside the scripts which are executed after the greeter (specifically /etc/X11/XSession line 66) there is a chmod command run on an error file (line 66 of that script). For security purposes, I had restricted the use of chmod to only members of the root group. Since the script is run as the user (not root) it would error out because it couldn't run chmod, and the login would abort.
If the user did not have a home dir, then the file didn't exist, and chmod was not attempted. Thus, users (1) with a home directory who (2) were not members of root could not log in.
Apparently users need to have chmod abilities in this environment, in order to start a session. Good to know.
Last edited by chrisr710; 11-20-2018 at 03:09 PM.
Reason: made it a little clearer in case it helps some other poor sap someday.
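
The failure described in this thread can be caught before it locks users out by checking whether the tools a session script calls are still executable by ordinary users after a permissions lockdown. The following is an added example, not code from the thread or from Ubuntu: the function names are hypothetical, the demo files are constructed stand-ins, and it assumes GNU `stat` and looks only at mode bits (not ACLs).

```shell
#!/bin/sh
# Added example: report tools that a non-root, non-group user cannot run
# because the "other" execute bit was removed during hardening.

# other_can_exec FILE -> 0 if mode grants execute to "other",
#                        1 if it does not, 2 if the file is missing.
other_can_exec() {
    mode=$(stat -L -c '%a' "$1" 2>/dev/null) || return 2
    case "$mode" in
        *[1357]) return 0 ;;   # last octal digit has the x bit set
        *)       return 1 ;;
    esac
}

# blocked_tools FILE... -> print one line per file a plain user cannot run.
blocked_tools() {
    for f in "$@"; do
        rc=0
        other_can_exec "$f" || rc=$?
        case "$rc" in
            0) ;;                      # usable by everyone, nothing to report
            1) echo "BLOCKED $f" ;;
            *) echo "MISSING $f" ;;
        esac
    done
}

# Constructed demo: stand-in "chmod" restricted to owner and group (mode 750,
# as in the thread's lockdown) next to an unrestricted stand-in "cat".
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/chmod"; chmod 750 "$d/chmod"
    : > "$d/cat";   chmod 755 "$d/cat"
    blocked_tools "$d/chmod" "$d/cat" "$d/absent" | sed "s|$d/||"
    rm -rf "$d"
}

demo
```

On a real host, pass the actual binaries instead of the stand-ins, for example `blocked_tools "$(command -v chmod)"`, and treat any `BLOCKED` line for a tool used by the session startup scripts as a login-breaking change.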