On Do 21 Sep 2023 12:02:02 CEST, Petter Reinholdtsen wrote:
[Guido Berhoerster]When logging in with LightDM the first login always fails due to a discrepancy between the the home directory obtained from LDAP via getpwent() and the newly created home directory. Specifically, the LightDM daemon communicates the absolute path of the Xauthority file to the session child process and sets the HOME environment variable to the value obtained via getpwent() and uses that value to change the working directory, all resulting in fatal errors.There used to be code in libpam-mklocaluser to throw the user out after the home directory is created, to ensure that the user is not logged in with the wrong $HOME set. Is this not happening with LightDM? Because $HOME change after some processes read it, it is not possible to both create the local home directory and continue with the login.
That kickout code got dropped from libpam-mklocaluser because with GDM3 there was no evident problem. So, we went towards getting that kick-out solved rather than adding an artificial logout:
https://salsa.debian.org/debian-edu/upstream/libpam-mklocaluser/-/commit/407497044bd135bc013d32a83b091f35a9ae3abfHowever, as Guido discovered today, the session might have still been ok in GNOMEv3 (tested in bullseye), but the associated systemd --user services probably were not.
Or are you talking about being thrown out by libpam-mklocaluser when logging in for the first time? This is by design and intented due to the protocol provided by PAM.
It is not intended by design anymore... Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
Attachment:
pgppr9zI7Yl6B.pgp
Description: Digitale PGP-Signatur