[arch-general] [aur-general] SOLVED- /etc/palm.d/login was messed up. GUI apps take time to load after X starts + weird behavior after upgrades

Arno Gaboury arnaud.gaboury at gmail.com
Mon Jul 2 08:50:47 EDT 2012 

> On 07/02/2012 12:55 PM, Arno Gaboury wrote:
>> Dear list,
>>
>> my system is no more running smooth after yesterday bunch of 
>> upgrades. The box has very classic and standard settings, and 
>> regularly upgraded.
>>
>> The symptoms:
>> -when login in runlevel 3, the password prompt appears twice
>> -after starx (XFCE4), all my previous open windows (Firefox, 
>> thunderbirds,clementine) take age ( 3-4 mn to display the contents).
>> -Thunderbird return invalid password to mail server, please retry. I 
>> clic on retry, then it starts.
>>
>> I suspects there is a misconfiguration in my new */etc/pam.d/login* 
>> file, and some authentification issues (se below *auth.log*)
>>
>>
>> Please find below my *pacman log:*
>>
>>> [2012-07-01 15:29] Running 'pacman -Syu --ignoregroup texlive-most 
>>> --ignore texlive-bin'
>>> .........
>>> [2012-07-01 15:30] ==> Warning: /etc/group or /etc/gshadow are 
>>> inconsistent.
>>> [2012-07-01 15:30]     Run 'grpck' to correct this.
>>> [2012-07-01 15:30] upgraded shadow (4.1.5-4 -> 4.1.5.1-1)
>>> [2012-07-01 15:30] warning: /etc/pam.d/login installed as 
>>> /etc/pam.d/login.pacnew
>>> ......
>>>
>>
>> I am not sure to have merged correctly my */etc/pam.d/login* with the 
>> new login.pacnew
>> Please find below my */etc/pam.d/login*
>>
>>> #%PAM-1.0
>>> auth        required    pam_securetty.so
>>> auth        requisite    pam_nologin.so
>>> auth                include      system-local-login
>>> auth        required    pam_unix.so nullok
>>> auth        required    pam_tally.so onerr=succeed file=/var/log/faillog
>>> # use this to lockout accounts for 10 minutes after 3 failed attempts
>>> #auth        required    pam_tally.so deny=2 unlock_time=600 
>>> onerr=succeed file=/var/log/faillog
>>> account         include      system-local-login
>>> account        required    pam_access.so
>>> account        required    pam_time.so
>>> account        required    pam_unix.so
>>> #password    required    pam_cracklib.so difok=2 minlen=8 dcredit=2 
>>> ocredit=2 retry=3
>>> #password    required    pam_unix.so sha512 shadow use_authtok
>>> session           include      system-local-login
>>> session        required    pam_unix.so
>>> session        required    pam_env.so
>>> session        required    pam_motd.so
>>> session        required    pam_limits.so
>>> session        optional    pam_mail.so dir=/var/spool/mail standard
>>> session        optional    pam_lastlog.so
>>> session        optional    pam_loginuid.so
>>> -session    optional    pam_ck_connector.so nox11
>>> -session    optional    pam_systemd.so
>>
>>
>> Feom */etc/rc.conf *:
>>
>>> DAEMONS=(ntpd syslog-ng netfs sshd crond dbus networkmanager 
>>> avahi-daemon libvirtd)
>> Nothing special in *kernel.log*.
>>
>> TY for your help.
>>
>> EDIT : Please find below *auth.log*. as it seems there is an issue it 
>> it in last lines.:
>
>> Jul  2 12:33:45 localhost polkitd(authority=local): Operator of 
>> unix-session:/org/freedesktop/ConsoleKit/Session2 successfully 
>> authenticated as unix-user:gabx to gain TEMPORARY authorization for 
>> action org.freedesktop.udisks2.filesystem-mount-system for 
>> system-bus-name::1.14 [/usr/lib/gvfs/gvfs-udisks2-volume-monitor] 
>> (owned by unix-user:gabx)
>> Jul  2 12:34:46 localhost polkitd(authority=local): Unregistered 
>> Authentication Agent for 
>> unix-session:/org/freedesktop/ConsoleKit/Session2 (system bus name 
>> :1.27, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale 
>> en_US.UTF-8) (disconnected from bus)
>> Jul  2 12:34:48 localhost login: pam_unix(login:session): session 
>> closed for user gabx
>> Jul  2 12:34:48 localhost login: pam_unix(login:session): session 
>> closed for user gabx
>> Jul  2 12:34:48 localhost login: pam_mail(login:session): pam_putenv: 
>> delete non-existent entry; MAIL
>> Jul  2 12:34:49 localhost sshd[522]: Received signal 15; terminating.
>> Jul  2 12:35:23 localhost sshd[513]: Server listening on 0.0.0.0 port 
>> 755.
>> Jul  2 12:35:23 localhost sshd[513]: Server listening on :: port 755.
>> Jul  2 12:35:38 localhost login: pam_unix(login:session): session 
>> opened for user gabx by LOGIN(uid=0)
>> Jul  2 12:35:38 localhost login: pam_unix(login:session): session 
>> opened for user gabx by LOGIN(uid=0)
>> Jul  2 12:35:39 localhost login: LOGIN ON tty1 BY gabx
>> Jul  2 12:35:59 localhost polkitd(authority=local): Registered 
>> Authentication Agent for 
>> unix-session:/org/freedesktop/ConsoleKit/Session2 (system bus name 
>> :1.27 [/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1], 
>> object path /org/gnome/PolicyKit1/AuthenticationAgent, locale 
>> en_US.UTF-8)
>
>

After enquiring a litle bit, I got the feeling all my issues were due to 
a wrong */etc/palm.d/login* after yesterday upgrade of *shadow* and 
merging login with login.pacnew.
I removed these lines from *login* file I  added after the upgrade:
> auth       requisite    pam_nologin.so
> auth       include      system-local-login
> account    include      system-local-login
> session    include      system-local-login

Now there is no more issues, but I wonder if not adding these lines, as 
suggested by login.pacnew, makes my system instable?

More information about the arch-general mailing list