Comment 1 for bug 877766
Revision history for this message
| John Bramley (john-bramley) wrote Re: lightdm login fails with NFS home | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
2eb648a
demo site
(Get the code!)
I have the same problem: logging in as a user with NFS home directory fails
permissions on users home directories: rwx------ (default as created by useradd)
NFS (v3) filesystem is not exported with root permission for client machine (i.e. no 'no_root_squash' option)
User enters username and password on login screen and then screen goes black and login window reappears.
Giving root access on the users home directory allows logins to work:
chmod o+x <user home directory>
or if ACLs enabled for the filesystem:
setfacl -m user:65534:x <user home directory>
without changes /var/log/
[+16.20s] WARNING: Failed to change to home directory /npdisks/home/jb: Permission denied
relevant lines in lightdm.log:
[+15.91s] DEBUG: Authenticate result for user jb: Success
[+15.91s] DEBUG: User jb authorized
[+15.91s] DEBUG: Wrote 24 bytes to greeter
[+15.95s] DEBUG: Read 8 bytes from greeter
[+15.95s] DEBUG: Read 10 bytes from greeter
[+15.95s] DEBUG: Greeter requests session ubuntu
[+15.95s] DEBUG: Stopping greeter
[+15.95s] DEBUG: Dropping privileges to uid 106
[+15.95s] DEBUG: Removing session authority from /var/lib/
[+15.99s] DEBUG: Restoring privileges
[+15.99s] DEBUG: Sending signal 15 to process 7053
[+16.00s] DEBUG: Process 7053 exited with return value 0
[+16.00s] DEBUG: pam_close_
[+16.00s] DEBUG: pam_setcred(
[+16.00s] DEBUG: pam_end(0xc5a840) -> 0
[+16.00s] DEBUG: Ending ConsoleKit session 137061b491bb03a
[+16.09s] DEBUG: Greeter quit
[+16.09s] DEBUG: Starting user session
[+16.11s] DEBUG: Dropping privileges to uid 6057
[+16.11s] DEBUG: Writing /npdisks/
[+16.11s] DEBUG: Restoring privileges
[+16.15s] DEBUG: Starting session ubuntu as user logging to /npdisks/
[+16.15s] DEBUG: Launching session
[+16.15s] DEBUG: pam_set_
[+16.16s] DEBUG: pam_open_
[+16.19s] DEBUG: Opened ConsoleKit session 137061b491bb03a
[+16.19s] DEBUG: Dropping privileges to uid 6057
[+16.19s] DEBUG: Adding session authority to /npdisks/
[+16.20s] DEBUG: Restoring privileges
[+16.20s] DEBUG: Launching process 7148: /usr/sbin/
[+16.20s] WARNING: Failed to change to home directory /npdisks/home/jb: Permission denied
[+16.20s] DEBUG: Registering session with bus path /org/freedeskto
[+16.20s] DEBUG: Process 7148 exited with return value 1
[+16.21s] DEBUG: pam_close_
[+16.21s] DEBUG: pam_setcred(
[+16.21s] DEBUG: pam_end(0xc6a9f0) -> 0
[+16.21s] DEBUG: Ending ConsoleKit session 137061b491bb03a
[+16.24s] DEBUG: User session quit
having a brief look at the source for lightdm, src/session.c :
/* Change working directory */
if (chdir (user_get_
{
g_warning ("Failed to change to home directory %s: %s", user_get_
_exit (EXIT_FAILURE);
}
/* Change to this user */
if (getuid () == 0)
{
if (initgroups (user_get_name (user), user_get_gid (user)) < 0)
{
_exit (EXIT_FAILURE);
}
if (setgid (user_get_gid (user)) != 0)
{
_exit (EXIT_FAILURE);
}
if (setuid (user_get_uid (user)) != 0)
{
_exit (EXIT_FAILURE);
}
}
I think it should be a simple case of moving the section:
/* Change working directory */
if (chdir (user_get_
{
g_warning ("Failed to change to home directory %s: %s", user_get_
_exit (EXIT_FAILURE);
}
to after the /* Change to this user */ section.
i.e.:
.
.
if (setuid (user_get_uid (user)) != 0)
{
_exit (EXIT_FAILURE);
}
}
/* Change working directory */
if (chdir (user_get_
{
g_warning ("Failed to change to home directory %s: %s", user_get_
_exit (EXIT_FAILURE);
}