1

Configuration

  • CentOS 7.5.1804
  • GDM, LightDM, SDDM tested
  • yum group "KDE Plasma Workspaces" as desktop environment, GNOME also tested
  • LDAP logins provided by sssd, /home/* mounted via autofs over NFS

Problem

Login as the root user works, as well as any other local user. Bypassing the login screen by switching to TTY2, logging into an ldap user via the terminal, and doing startx also works, but logins from the display manager itself pause for a half second and then bounce back to the display manager.

output of systemctl status gdm --

Jun 18 15:04:55 hpcl1-1.salisbury.edu systemd[1]: Starting GNOME Display Manager...
Jun 18 15:04:55 hpcl1-1.salisbury.edu systemd[1]: Started GNOME Display Manager.
Jun 18 15:05:12 hpcl1-1.salisbury.edu gdm-password][4421]: pam_sss(gdm-password:auth): authentication success; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=rquackenbush1
Jun 18 15:05:15 hpcl1-1.salisbury.edu gdm[4144]: Failed to remove greeter program access to the display. Trying to proceed.
Richard Quackenbush
  • 11
  • 6

1 Answers1

0

The issue was the user's login shell was a wrapper (inherited from a legacy system), and we were in the middle of an upgrade of the OS, which had selinux enabled by default. Switching to selinux permissive fixed it, but our permanent fix was to remove the wrapper and restrict SSH into our servers via PAM.

Richard Quackenbush
  • 11
  • 6