Bugzilla – Bug 1182554
cannot start greetd.service .... missing PAM module
Last modified: 2023-02-02 09:33:51 UTC
Created attachment 846366 [details] journalctl -xb output When trying to replace gdm with greetd following the steps on https://en.opensuse.org/Portal:OpenSUSEway, greetd fails to start and journal shows: úno 22 09:38:10 stitny greetd[2347]: error: PAM 'greetd' service missing When looking around, there is the file /usr/etc/pam.d/greetd with this content: ~@stitny$ cat /usr/etc/pam.d/greetd #%PAM-1.0 auth requisite pam_nologin.so auth include common-auth account include common-account password include common-password session required pam_loginuid.so session optional pam_keyinit.so force revoke session include common-session ~@stitny$ but I have still /etc/pam.d/ as well and there is no greetd file. Which one is used?
yes, I know about that issue, workaround described here: https://github.com/openSUSE/openSUSEway/issues/33
`sudo ln -s /usr/etc/pam.d/greetd /etc/pam.d/greetd`
Just FYI, the symlink helped this PAM problem, but still greetd didn’t came up anyway. I currently don’t have enough time to debug it, sorry, I will return to it later.
(In reply to Matej Cepl from comment #3) > Just FYI, the symlink helped this PAM problem, but still greetd didn’t came > up anyway. I currently don’t have enough time to debug it, sorry, I will > return to it later. check what you have in config.toml, by default (if there is no openSUSEway) it has $TERM ... Tune config according to the system and greeter you want and it will work.
(In reply to Denys Kondratenko from comment #4) > check what you have in config.toml, by default (if there is no openSUSEway) > it has $TERM ... Tune config according to the system and greeter you want > and it will work. Default which comes with the package (no openSUSEway package): etc@stitny$ cat greetd/config.toml [terminal] # The VT to run the greeter on. Can be "next", "current" or a number # designating the VT. vt = 1 # The default session, also known as the greeter. [default_session] # `agreety` is the bundled agetty/login-lookalike. You can replace `$SHELL` # with whatever you want started, such as `sway`. command = "agreety --cmd $SHELL" # The user to run the command as. The privileges this user must have depends # on the greeter. A graphical greeter may for example require the user to be # in the `video` group. user = "greeter" etc@stitny$
And no, I don't want to install openSUSEway as long as it installs imv mpv mtools vifm adwaita-qt5 on my system, which I don't want at all, and they have nothing to do with the disclosed purpose of the package.
And vim! (as a happy user of neovim, I am especially allergic to those). What's so wrong with Suggests:?
Hi Matej, so here is your issue: > command = "agreety --cmd $SHELL" $SHELL needs to be definer or just replace it. Or better use some other greeter for your taste: https://man.sr.ht/~kennylevinsen/greetd/ I also reported issue here, to maybe fix it in some future: https://github.com/openSUSE/openSUSEway/issues/37 but those settings are defaults from upstream. Thanks, Denys
(In reply to Denys Kondratenko from comment #8) > I also reported issue here, to maybe fix it in some future: > https://github.com/openSUSE/openSUSEway/issues/37 Except that this is a bug in sway not openSUSEway, isn't it?
(In reply to Matej Cepl from comment #9) > (In reply to Denys Kondratenko from comment #8) > > I also reported issue here, to maybe fix it in some future: > > https://github.com/openSUSE/openSUSEway/issues/37 > > Except that this is a bug in sway not openSUSEway, isn't it? sure, but I maintain both, and just tracking it there along with other greetd issues. greetd is default login manager for the opensuseway
Created attachment 847697 [details] journalctl -b output OK, back to this bug. I have tried with my modified openSUSEway (https://build.opensuse.org/request/show/881393 , could you take a look, please?), and gtkgreetd still crashes, so I had to return to gdm once again. I am thinking now about these lines: Mar 26 13:26:20 stitny dbus-daemon[2134]: [session uid=448 pid=2134] Activating service name='org.freedesktop.secrets' requested by ':1.6' (uid=448 pid=2158 comm="/usr/libexec/xdg-desk top-portal " label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023") Mar 26 13:26:20 stitny org.freedesktop.secrets[2250]: gnome-keyring-daemon: insufficient process capabilities, insecure memory might get used Mar 26 13:26:20 stitny gnome-keyring-daemon[2250]: couldn't access control socket: /run/user/448/keyring/control: Adresář nebo soubor neexistuje Mar 26 13:26:20 stitny gnome-keyring-d[2250]: couldn't access control socket: /run/user/448/keyring/control: Adresář nebo soubor neexistuje and Mar 26 13:26:31 stitny login[2299]: gkr-pam: unable to locate daemon control file Mar 26 13:26:31 stitny login[2299]: gkr-pam: stashed password to try later in open session ("Adresář nebo soubor neexistuje" means obviously "Directory or file doesn't exist") Any idea, what to do?
(In reply to Matej Cepl from comment #11) > Created attachment 847697 [details] > journalctl -b output > > OK, back to this bug. I have tried with my modified openSUSEway > (https://build.opensuse.org/request/show/881393 , could you take a look, > please?), and gtkgreetd still crashes, so I had to return to gdm once again. > I will check it during the weekend. There is something that we require still as pamixer: https://github.com/openSUSE/openSUSEway/blob/master/.config/sway/config.d/50-openSUSE.conf But I will check everything else later. > I am thinking now about these lines: > > Mar 26 13:26:20 stitny dbus-daemon[2134]: [session uid=448 pid=2134] > Activating service name='org.freedesktop.secrets' requested by ':1.6' > (uid=448 pid=2158 comm="/usr/libexec/xdg-desk > top-portal " label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023") > Mar 26 13:26:20 stitny org.freedesktop.secrets[2250]: gnome-keyring-daemon: > insufficient process capabilities, insecure memory might get used > Mar 26 13:26:20 stitny gnome-keyring-daemon[2250]: couldn't access control > socket: /run/user/448/keyring/control: Adresář nebo soubor neexistuje > Mar 26 13:26:20 stitny gnome-keyring-d[2250]: couldn't access control > socket: /run/user/448/keyring/control: Adresář nebo soubor neexistuje > I have the same, but without label: > label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023" > and > > Mar 26 13:26:31 stitny login[2299]: gkr-pam: unable to locate daemon control > file > Mar 26 13:26:31 stitny login[2299]: gkr-pam: stashed password to try later > in open session > > ("Adresář nebo soubor neexistuje" means obviously "Directory or file doesn't > exist") I have the same. > > Any idea, what to do? nope, I was too lazy to figure out. What I see in the log that does matter: > Mar 26 13:26:20 stitny greetd[2086]: error: check_children: greeter exited without creating a session > Mar 26 13:26:20 stitny systemd-logind[1617]: Session 1 logged out. Waiting for processes to exit. Could you please share your config files in `/etc/greetd` ? Probably your script or command fails and greeter exits, or something... I actually seen that error before, when was packaging tuigreet: https://github.com/apognu/tuigreet/issues/7
(In reply to Denys Kondratenko from comment #12) > But I will check everything else later. Thanks. > I have the same, but without label: > > label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023" Damn! I forgot! I have switched on SELinux, and I see in ausearch there are soem issues. I will take a look at it next week (I am on PTO for next three weeks). > Could you please share your config files in `/etc/greetd` ? > Probably your script or command fails and greeter exits, or something... stitny:~# for f in /etc/greetd/* ; do echo $f ; cat $f ; echo '===============' ; done /etc/greetd/config.toml [terminal] # The VT to run the greeter on. Can be "next", "current" or a number # designating the VT. vt = 1 # The default session, also known as the greeter. [default_session] # `agreety` is the bundled agetty/login-lookalike. You can replace `$SHELL` # with whatever you want started, such as `sway`. # command = "sway --config /etc/greetd/sway-config" # The user to run the command as. The privileges this user must have depends # on the greeter. A graphical greeter may for example require the user to be # in the `video` group. user = "greeter" =============== /etc/greetd/config.toml.way [terminal] # The VT to run the greeter on. Can be "next", "current" or a number # designating the VT. vt = 1 # The default session, also known as the greeter. [default_session] # `agreety` is the bundled agetty/login-lookalike. You can replace `$SHELL` # with whatever you want started, such as `sway`. # command = "sway --config /etc/greetd/sway-config" # The user to run the command as. The privileges this user must have depends # on the greeter. A graphical greeter may for example require the user to be # in the `video` group. user = "greeter" =============== /etc/greetd/environments sway-run.sh bash =============== /etc/greetd/sway-config exec "gtkgreet -l; swaymsg exit" bindsym Mod4+shift+e exec swaynag \ -t warning \ -m 'What do you want to do?' \ -b 'Poweroff' 'systemctl poweroff' \ -b 'Reboot' 'systemctl reboot' #include /etc/sway/config.d/* =============== stitny:~# I think it is untouched content of openSUSEway.
(In reply to Matej Cepl from comment #13) > (In reply to Denys Kondratenko from comment #12) > > But I will check everything else later. > > Thanks. > > > I have the same, but without label: > > > label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023" > > Damn! I forgot! I have switched on SELinux, and I see in ausearch there are > soem issues. I will take a look at it next week (I am on PTO for next three > weeks). > yeah, maybe there is some issue with it. > /etc/greetd/environments > sway-run.sh > bash and you have sway-run.sh ? Does it also fails if you choose bash ? Could you please try to choose bash and if it works just run sway-run.sh ? > > I think it is untouched content of openSUSEway. ah, so you installed openSUSEway, cool. If that wouldn't work for you, could you please try to spin VM and try to reproduce the issue ?
BTW, this doesn't look correct either: gdm-autologin 6:auth optional pam_gnome_keyring.so common-session-pc 37:session optional pam_gnome_keyring.so auto_start only_if=gdm,gdm-password,lxdm,lightdm,mdm,sddm common-session 37:session optional pam_gnome_keyring.so auto_start only_if=gdm,gdm-password,lxdm,lightdm,mdm,sddm common-password-pc 31:password optional pam_gnome_keyring.so use_authtok common-password 31:password optional pam_gnome_keyring.so use_authtok common-auth 33:auth optional pam_gnome_keyring.so common-auth-pc 33:auth optional pam_gnome_keyring.so stitny:pam.d# (notice "only_if=gdm,*")
I don't think this can be reproduced anymore, can it?
I still encounter the issue. In my case /usr/etc/pam.d/greetd did not exist - `rpm -ql greetd` revealed it is now /usr/lib/pam.d/greetd one has to symlink to /etc/pam.d.
(In reply to Georg Pfuetzenreuter from comment #17) > I still encounter the issue. In my case /usr/etc/pam.d/greetd did not exist > - `rpm -ql greetd` revealed it is now /usr/lib/pam.d/greetd one has to > symlink to /etc/pam.d. stitny~$ rpm -qf /etc/pam.d/greetd greetd-0.8.0-36.53.x86_64 stitny~$ ????
Wait a second - did I fix this manually and completely forget about it? $ rpm -qf /etc/pam.d/greetd file /etc/pam.d/greetd is not owned by any package $ rpm -q greetd greetd-0.8.0-4.3.x86_64 On a fully updated TW.
Ah, I think I understand what happened: The fix was submitted to X11:Wayland/greetd 6 months ago (sr#992399), but that was never submitted to factory... Matej, from the version number of your greetd package I assume you're using your home project home:mcepl/greetd which probably has that fix and more. Seems to me we should really merge all fixes into X11:Wayland/greetd and submit to Factory.
The latest update resolved it: ``` rpm -qf /etc/pam.d/greetd greetd-0.9.0-1.1.x86_64 ``` Thank you very much!