
[SOLVED] first login attempt in GDM not accepted

Posted: Sep 28th, '14, 19:07
by JJF
(I am in need of more support as a Linux beginner)

Mageia 4.1 64b KDE, Gnome or gnome classic

2 problems that may be related.

1. I have to login twice:
I have to cancel the 1st entry, user name and password, and only at the 2nd time I am actually able to log in.
2. Unable to run mcc from: tools, system tools, Mageia Control Center. There is no response after I enter the password as required. I can only access mcc from console (as root user).

No matter which of the three I am using: KDE, Gnome or Gnome classic.
Please advise
JJF

Re: authentication

Posted: Sep 28th, '14, 20:50
by doktor5000
JJF wrote:1. I have to login twice:
I have to cancel the 1st entry, user name and password, and only at the 2nd time I am actually able to log in.

How do you "cancel" the first entry? Can you explain a bit more what happens? And you login as normal user, right?
Do you have auto-login enabled? Also, which login/display manager do you use? You can see the screenshots and names e.g. in https://wiki.mageia.org/en/Display_Managers
JJF wrote:2. Unable to run mcc from: tools, system tools, Mageia Control Center. There is no response after I enter the password as required. I can only access mcc from console (as root user).
What password do you enter there? root password or user password? Did you change anything in http://doc.mageia.org/mcc/4/en/content/draksec.html
What happens when you run
Code:
drakconf
in a terminal as normal user?
Also please show the output of the following command as root:
Code:
ps -ef | grep v- grep | grep -i polkit

Re: authentication

Posted: Sep 29th, '14, 18:07
by JJF
Thanks - doktor5000

I did not find a proper match from the images you suggested that are similar to my login screen.
1. I attach poor phone images. The first, image0069, is from where I select the user, image0070 is where I enter the password and image0071 is where I cancel the selection. After cancellation I am presented again with image0069, I select the same user, enter the password, and I am logged in.

2. Run drakconf: I was presented with the request to enter password. Then the mcc was displayed and I could use it "normally".

ps -ef | grep v- grep | grep -i polkit reported an error : "grep: grep: No such file or directory"

Thanks in advance
JJF

Re: authentication

Posted: Sep 29th, '14, 18:16
by doktor5000
JJF wrote:2. Run drakconf: I was presented with the request to enter password. Then the mcc was displayed and I could use it "normally".

Again - what password did you enter there?

JJF wrote:ps -ef | grep v- grep | grep -i polkit reported an error : "grep: grep: No such file or directory"

Whoops sorry that was a typo, "-" and "v" were in the wrong order - please try again :)
Code:
ps -ef | grep -v grep | grep -i polkit


Will have a look at the screenshots in the meantime ...

Re: authentication

Posted: Sep 29th, '14, 18:25
by doktor5000
doktor5000 wrote:Will have a look at the screenshots in the meantime ...

Looks like GDM.

Simple question: What happens when you just press "Sign In" at image0069 ?

Re: authentication

Posted: Sep 29th, '14, 19:07
by JJF
1. (For my convenience I made root and my password identical) I enter my (root) password to login
2. Per your question I "enter" with password window empty. No login. On the 2nd try I received an error message.

ps -ef | grep -v grep | grep -i polkit:

polkitd 2724 1 0 18:52 ? 00:00:00 /usr/lib/polkit-1/polkitd --no-debug
jacob 6238 1 0 18:55 ? 00:00:00 /usr/lib64/kde4/libexec/polkit-kde-authentication-agent-1

Any clue?
Tks
JJF

Re: authentication

Posted: Sep 29th, '14, 21:26
by doktor5000
JJF wrote:1. (For my convenience I made root and my password identical) I enter my (root) password to login

Convenience or not, this is not a good idea and already a concept for trouble. Would probably be easier to just leave the user without a password (empty password).

JJF wrote:2. Per your question I "enter" with password window empty. No login. On the 2nd try I received an error message.

On your first screenshot there's something for the password. If your user has a password, it is logical that it won't let you login without providing a password.
For the second try, what was the error message? C'mon, please be a little more verbose, otherwise nobody can really help you from remote.

JJF wrote:ps -ef | grep -v grep | grep -i polkit:

polkitd 2724 1 0 18:52 ? 00:00:00 /usr/lib/polkit-1/polkitd --no-debug
jacob 6238 1 0 18:55 ? 00:00:00 /usr/lib64/kde4/libexec/polkit-kde-authentication-agent-1

This looks OK.

Re: authentication

Posted: Sep 30th, '14, 07:18
by JJF
The first screen = image0069. I selected user jacob, I was then presented with image0070 to enter password.
As you suggested, I left it empty and entered "Enter". No response whatsoever.
At this point I am unable to quote the error message displayed at the 2nd try, as I'm not by the PC. Will do it later today.
Tks
JJF

Re: authentication

Posted: Sep 30th, '14, 17:01
by JJF
On the 2nd empty password, the error message was:
'Sorry, that didn't work. Please try again:.
Tks
JJF

Re: authentication

Posted: Sep 30th, '14, 17:02
by doktor5000
JJF wrote:The first screen = image0069. I selected user jacob, I was then presented with image0070 to enter password.
As you suggested, I left it empty and entered "Enter". No response whatsoever.


Seems you're confusing some things here. You can not leave the password field in login manager empty, if there's a password for the user. This will always fail, obviously.
Please re-read my last post, there are two answers for two different issues you brought up. Please don't mix them up with one another.
What I was asking for was viewtopic.php?p=51790#p51790
You say that when login manager starts, username and password are pre-filled, but you need to "cancel" this then.

I simply don't understand why you need to cancel that and why you don't simply login?

Re: authentication

Posted: Sep 30th, '14, 17:03
by doktor5000
JJF wrote:On the 2nd empty password, the error message was:
'Sorry, that didn't work. Please try again:.

That is obvious. If a password for the user is set, the system will not log you in without the password. Read my two previous posts again.

Re: authentication

Posted: Sep 30th, '14, 17:35
by JJF
I probably misunderstood your instructions.
Let me clarify myself.
The sequence is as follows:
At the end of the boot process I am presented with image0069 without the password window.
I then select a user to login, i.e. jacob, after which the password window is displayed.
I enter the correct password, but NADA.
I then press "cancel" to return to the user selection screen, from which I can select 1 of the three names again.
I again select jacob, after which the password window appears.
I enter the correct password and can then proceed normally to the desktop.

Is there more information I can provide now?

Tks
JJF

Re: authentication

Posted: Sep 30th, '14, 17:55
by JJF
I failed to mention that in both the 1st and the 2nd time (obviously) after I enter the password I press "sign in".
Sorry
JJF

Re: authentication

Posted: Sep 30th, '14, 17:59
by JJF

Re: authentication

Posted: Sep 30th, '14, 18:13
by doktor5000
JJF wrote:The sequence is as follows:
At the end of the boot process I am presented with image0069 without the password window.
I then select a user to login, i.e. jacob, after which the password window is displayed.
I enter the correct password, but NADA.

NADA means what exactly? What happens?

Can you please try this again, and if you're at the point of NADA, please do the following:
Switch to a tty via Ctrl+Alt+F3 and login as root. Then run the following command, and please post the contents of the file /tmp/output.log here.
Code:
journalctl -ab | tail -250 > /tmp/output.log

Re: authentication

Posted: Sep 30th, '14, 19:36
by JJF
NADA means: The password window greyed as well as the "Sign In" button. I wait a long time (several minutes or up until the screen blanked out) to repeat the process logged in and proceed normally.

[I hope I followed your instructions precisely]:

Ctrl+Alt+F3 logged in as root
# last login: Sun Jan 12 19:45:10 on:0
# journal -ab | tail -250 > /tmp/output.log
Yielded an error message: "bash: journal .... command not found"

(I guess that no output.log was generated)
Is this what you expected??


Tks
JJF

Re: authentication

Posted: Sep 30th, '14, 19:37
by JJF
I'll do it again correctly
Sorry

Re: authentication

Posted: Sep 30th, '14, 20:08
by JJF
(I too misspelled...)

#journalctl -ab | tail -250 > /tmp/output.log
was uploaded
hopefully with the required data

Re: authentication

Posted: Oct 1st, '14, 15:54
by doktor5000
Well, I don't use gdm and the developers I've asked to take a look are currently quite swamped.

Your best bet is probably to simply change to another DM and try again, if the issue still persists. So to switch to KDM, as root run
Code:
urpmi kdm

then as root run
Code:
drakdm
and select KDM so that it gets selected as default display manager. Then answer the question to restart DM service with Yes (this will restart your current X session) and try again.

Re: authentication

Posted: Oct 1st, '14, 16:20
by doktor5000
Apart from my previous post, there are quite some issues in the log you've posted which should also be fixed.

Do you use some virtualisation (qemu? libvirt?) or did you enter some custom firewall rules somewhere?
Code:
Sep 30 19:59:38 localhost.localdomain libvirtd[3390]: internal error: Child process (/bin/sh -c 'IPT="/usr/sbin/iptables"
                                                      cmd='\''$IPT -n -L FORWARD'\''
                                                      eval res=\$\("${cmd} 2>&1"\)
                                                      if [ $? -ne 0 ]; then  echo "Failure to execute command '\''${cmd}'\'' : '\''${res}'\''.";  exit 1;fi
                                                      ') unexpected exit status 1
Sep 30 19:59:38 localhost.localdomain libvirtd[3390]: Testing of iptables command failed: Failure to execute command '$IPT -n -L FORWARD' : 'Another app is currently holding the xtables lock. Perhaps you want to use the -w option?'.
Sep 30 19:59:38 localhost.localdomain libvirtd[3390]: internal error: Child process (/bin/sh -c 'IPT="/usr/sbin/ip6tables"
                                                      cmd='\''$IPT -n -L FORWARD'\''
                                                      eval res=\$\("${cmd} 2>&1"\)
                                                      if [ $? -ne 0 ]; then  echo "Failure to execute command '\''${cmd}'\'' : '\''${res}'\''.";  exit 1;fi
                                                      ') unexpected exit status 1
Sep 30 19:59:38 localhost.localdomain libvirtd[3390]: Testing of ip6tables command failed: Failure to execute command '$IPT -n -L FORWARD' : 'Another app is currently holding the xtables lock. Perhaps you want to use the -w option?'.



This seems to be the relevant log part for your login/authentication issue:
Sep 30 19:59:49 localhost.localdomain gdm-password][4761]: pam_succeed_if(gdm-password:auth): requirement "user ingroup nopasswdlogin" not met by user "jacob"
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: (gnome-shell:4633): Gjs-WARNING **: JS ERROR: Exception in callback for signal: next: Error: can't convert this._frame to an integer
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: Animation<._showFrame@/usr/share/gnome-shell/js/ui/animation.js:55
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: wrapper@/usr/share/gjs-1.0/lang.js:213
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: Animation<.play@/usr/share/gnome-shell/js/ui/animation.js:31
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: wrapper@/usr/share/gjs-1.0/lang.js:213
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: AuthPrompt<.setActorInDefaultButtonWell@/usr/share/gnome-shell/js/gdm/authPrompt.js:312
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: wrapper@/usr/share/gjs-1.0/lang.js:213
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: AuthPrompt<.startSpinning@/usr/share/gnome-shell/js/gdm/authPrompt.js:328
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: wrapper@/usr/share/gjs-1.0/lang.js:213
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: AuthPrompt<._init/<@/usr/share/gnome-shell/js/gdm/authPrompt.js:67
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: _emit@/usr/share/gjs-1.0/signals.js:124
Sep 30 19:59:54 localhost.localdomain gnome-session[4524]: AuthPrompt<._initButtons/<@/usr/share/gnome-shell/js/gdm/authPrompt.js:191
Sep 30 19:59:56 localhost.localdomain gdm-password][4761]: pam_tcb(gdm-password:auth): conversation failed
Sep 30 19:59:56 localhost.localdomain gdm-password][4761]: pam_tcb(gdm-password:auth): Unable to obtain a password
Sep 30 19:59:57 localhost.localdomain gdm-password][4765]: pam_succeed_if(gdm-password:auth): requirement "user ingroup nopasswdlogin" not met by user "jacob"


Some related bugreports suggest that the issue at the top of the quoted excerpt occurs, when either
- password is in expiration phase: https://bugs.launchpad.net/ubuntu/+sour ... bug/613371
- if your password is empty: https://bugzilla.redhat.com/show_bug.cgi?id=1057944#c11

The lower messages either occur for:
- DNS/name resolution issues when you login via ssh: http://ubuntuforums.org/showthread.php?t=1076786
- for an incomplete or netinstall installation of Mageia: https://bugs.mageia.org/show_bug.cgi?id=395

Best would be to attach your current
Code:
/var/log/auth.log


Apart from that, seems you changed the file permissions of your ssh host keys, which makes them invalid:
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Permissions 0644 for '/etc/ssh/ssh_host_key' are too open.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: It is required that your private key files are NOT accessible by others.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: This private key will be ignored.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: bad permissions: ignore key: /etc/ssh/ssh_host_key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Could not load host key: /etc/ssh/ssh_host_key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Permissions 0644 for '/etc/ssh/ssh_host_rsa_key' are too open.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: It is required that your private key files are NOT accessible by others.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: This private key will be ignored.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: bad permissions: ignore key: /etc/ssh/ssh_host_rsa_key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Could not load host key: /etc/ssh/ssh_host_rsa_key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
Sep 30 19:59:38 localhost.localdomain sshd[3474]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Permissions 0644 for '/etc/ssh/ssh_host_dsa_key' are too open.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: It is required that your private key files are NOT accessible by others.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: This private key will be ignored.
Sep 30 19:59:38 localhost.localdomain sshd[3474]: bad permissions: ignore key: /etc/ssh/ssh_host_dsa_key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Could not load host key: /etc/ssh/ssh_host_dsa_key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: Disabling protocol version 2. Could not load host key
Sep 30 19:59:38 localhost.localdomain sshd[3474]: sshd: no hostkeys available -- exiting.

How and why did you do that? Any more permissions changes in your /etc folder or somewhere else?
Best fix the ssh key issue as root via
Code:
chmod 0600 /etc/ssh/ssh_host_key /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key

And please show the output as root of
Code:
ls -al /etc/ssh/
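
The permission check behind the sshd warnings quoted in the post above, as an added example that is not part of the thread: it lists private host keys with any group/other bit set (mode & 077), reports them, and applies the same chmod 0600 only where needed. The function names are hypothetical and the demo files are constructed in a scratch directory.

```shell
#!/bin/sh
# Added example (not from the thread). sshd ignores a private host key when
# (mode & 077) != 0 and logs "UNPROTECTED PRIVATE KEY FILE"; with no usable
# key left it exits, as in the log above.

# List private host keys (ssh_host_key, ssh_host_rsa_key, ...; never *.pub)
# in directory $1 (default /etc/ssh) that group or others can access.
list_open_host_keys() {
    dir=${1:-/etc/ssh}
    find "$dir" -maxdepth 1 -type f -name 'ssh_host_*key' \
        \( -perm -040 -o -perm -020 -o -perm -010 \
           -o -perm -004 -o -perm -002 -o -perm -001 \) -print | sort
}

# Report findings; returns 1 if any private key is too open, 0 otherwise.
audit_host_keys() {
    dir=${1:-/etc/ssh}
    open=$(list_open_host_keys "$dir")
    [ -z "$open" ] && { echo "OK: private host keys in $dir are owner-only"; return 0; }
    printf '%s\n' "$open" | while IFS= read -r key; do
        echo "TOO OPEN: $(ls -l "$key")"
    done
    return 1
}

# Apply the fix from the thread (chmod 0600) only to keys that need it,
# leaving the *.pub files world-readable as they should be.
fix_open_host_keys() {
    dir=${1:-/etc/ssh}
    list_open_host_keys "$dir" | while IFS= read -r key; do
        chmod 0600 "$key" && echo "fixed: $key"
    done
}

# Demo on constructed, empty files; nothing under /etc is touched.
demo() {
    d=$(mktemp -d) || return 1
    for k in ssh_host_key ssh_host_rsa_key ssh_host_dsa_key; do
        : > "$d/$k"; : > "$d/$k.pub"
        chmod 0644 "$d/$k" "$d/$k.pub"   # the state seen in the log
    done
    audit_host_keys "$d" || true         # reports the three private keys
    fix_open_host_keys "$d"
    audit_host_keys "$d"                 # now OK
    rm -rf "$d"
}
demo
```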

Re: authentication

Posted: Oct 1st, '14, 21:06
by JJF
IMHO I will begin with your 2nd post
[2 reasons for that: 1. This box started as a Mandriva 10.0, changed to Mageia 2, unsuccessfully upgraded to Mageia 3 and currently upgraded to Mageia 4.1 from a 64b iso dvd. It did not have the "double" login up until few weeks ago after the upgrade to Mageia 4.1.
2. Yesterday, before saving the journalctl, I tried to enable remote access to this PC. I followed a tutorial found in the internet. It suggested to change SSH port and some parameters in the firewall. This, I believe, was reflected in the file I attached and uploaded per your request. Currently, I cancelled all changes that I made, and believe that the state of both firewall and the SSH are as were before the changes].

Answers:

1. I have VirtualBox installed, but I removed the Windows 7 virtual disk. So currently there is nothing to run beside the VirtualBox application itself.
2. There is no such file /var/log/auth.log
3. I ran chmod 0600 /etc/ssh/ssh_host_key /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key and it finished with no errors
4. I attached ls -al /etc/ssh/


I will read the 4 links that you mentioned after I send this answer and reboot to see if the "chmod" has cured the phenomenon.

Does it make sense??

Thanks a lot for your patience
JJF

Re: authentication

Posted: Oct 1st, '14, 21:30
by JJF
doktor5000

Preface:
Before I change GDM.
I'm using 2 monitors - not mirrored - driven by Nvidia whose driver was supplied by Mageia.
I did have problems in the past changing display driver. I hope that I will not fall in this trap now.

1. urpmi kdm
Package kdm-4.11.4-1.mga4.x86_64 is already installed
Marking kdm as manually installed, it won't be auto-orphaned
writing /var/lib/rpm/installed-through-deps.list
2. drakdm

I send this post before watching the results as I did not want to lose it as warned at the final stage

Will continue after DM change
JJF

Re: authentication

Posted: Oct 1st, '14, 21:35
by JJF
Further to my previous.

It did solve the problem,
though the environment has changed: login screen as well as logged in to KDM and not Gnome classic which I prefer

Thanks
(I will report as Solved after I will log into Gnome)

Re: authentication

Posted: Oct 1st, '14, 21:38
by doktor5000
JJF wrote:1. This box started as a Mandriva 10.0, changed to Mageia 2, unsuccessfully upgraded to Mageia 3 and currently upgraded to Mageia 4.1 from a 64b iso dvd. It did not have the "double" login up until few weeks ago after the upgrade to Mageia 4.1.

You should have mentioned this initially. Upgrade from Mandriva 10.0 (maybe you mean Mandriva 2010.0? as 10.0 was still Mandrake) to Mageia 2 is not supported. Upgrade from Mageia 2 to 4 is not supported. What do you mean by "unsuccessfully upgraded to mageia 3" ? Your best bet is probably to backup important data and do a fresh new installation from 4.1 DVD, this would be my recommendation.

JJF wrote:2. Yesterday, before saving the journalctl, I tried to enable remote access to this PC. I followed a tutorial found in the internet. It suggested to change SSH port and some parameters in the firewall.

That's actually a good idea, but doesn't really explain the changed permissions on the host keys.

JJF wrote:1. I have VirtualBox installed , but I removed the Windows 7 virtual disk. So currently there is nothing to run beside the VirtualBox application itself.

You still seem to have some remnants of libvirt running. Please show the output of
Code:
rpm -qa | grep virt | grep -v virtu


JJF wrote:4. I attached ls -al /etc/ssh/

Sorry, I don't see it.

You surely can read the mentioned 4 links, but as that issue is pretty complex I'm not sure it will be sufficient for you to understand what's going on and what's going wrong ...

Re: authentication

Posted: Oct 1st, '14, 22:08
by JJF
ssh was uploaded again

[root@localhost jacob]# rpm -qa | grep virt | grep -v virtu
lib64virt-gobject1.0_0-0.1.7-3.mga4
lib64virt-gconfig1.0_0-0.1.7-3.mga4
lib64virt-glib1.0_0-0.1.7-3.mga4
libvirt-utils-1.2.1-1.1.mga4
lib64virt0-1.2.1-1.1.mga4

This box started as a Mandriva 2010.0, changed to Mageia 2, Mageia 3 was installed "over" it and currently using Mageia 4.1. I upgraded 3 to 4.1 from an official release 64b iso DVD.
Initially it did not have the "double" login phenomenon up until few weeks ago.

I am now left with the 2nd (originally posted) issue: Unable to run mcc from "application" but only from the command line.

(BTW, a few times while we were dealing with the "double" SignIn, I ran mcc from application without any problem.)

Again, thanks
JJF