Bug 1170272 - pam_systemd Failed to get user record for Active Directory User
pam_systemd Failed to get user record for Active Directory User
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Basesystem
Current
x86-64 openSUSE Factory
: P5 - None : Normal (vote)
: ---
Assigned To: systemd maintainers
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-04-22 23:06 UTC by Mark Petersen
Modified: 2020-04-24 06:19 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Petersen 2020-04-22 23:06:51 UTC
Opensuse Tumbleweed version 20200417 & 20200419 with systemd245 joined to a Samba4.10.14 domain.

When an Active Directory user logs in via SDDM the following is logged in the journal:
Apr 22 17:40:27 workstation01 sddm-helper[14878]: [PAM] Starting...
Apr 22 17:40:27 workstation01 sddm-helper[14878]: [PAM] Authenticating...
Apr 22 17:40:27 workstation01 sddm-helper[14878]: [PAM] Preparing to converse...
Apr 22 17:40:27 workstation01 sddm-helper[14878]: [PAM] Conversation with 1 messages
Apr 22 17:40:27 workstation01 sddm-helper[14878]: gkr-pam: unable to locate daemon control file
Apr 22 17:40:27 workstation01 sddm-helper[14878]: pam_kwallet5(sddm:auth): (null): pam_sm_authenticate
Apr 22 17:40:27 workstation01 sddm-helper[14878]: pam_unix(sddm:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=samdom\ad_user
Apr 22 17:40:27 workstation01 sddm-helper[14878]: pam_winbind(sddm:auth): getting password (0x00000390)
Apr 22 17:40:27 workstation01 sddm-helper[14878]: pam_winbind(sddm:auth): pam_get_item returned a password
Apr 22 17:40:28 workstation01 sddm-helper[14878]: pam_winbind(sddm:auth): user 'samdom\ad_user' granted access
Apr 22 17:40:28 workstation01 sddm-helper[14878]: [PAM] returning.
Apr 22 17:40:28 workstation01 sddm-helper[14878]: pam_winbind(sddm:account): user 'STAT1\ad_user' granted access
Apr 22 17:40:28 workstation01 sddm[3077]: Authenticated successfully
Apr 22 17:40:28 workstation01 sddm-helper[14878]: pam_kwallet5(sddm:setcred): pam_kwallet5: pam_sm_setcred
Apr 22 17:40:28 workstation01 sddm-helper[14878]: pam_systemd(sddm:session): Failed to get user record: Invalid argument
Apr 22 17:40:28 workstation01 sddm-helper[14878]: pam_unix(sddm:session): session opened for user STAT1\ad_user(uid=21110) by (uid=0)
Apr 22 17:40:28 workstation01 sddm-helper[14878]: gkr-pam: unable to locate daemon control file
Apr 22 17:40:28 workstation01 sddm-greeter[14841]: Message received from daemon: LoginSucceeded
Apr 22 17:40:28 workstation01 sddm-helper[14878]: pam_kwallet5(sddm:session): pam_kwallet5: pam_sm_open_session

The user is logged in but has no audio devices and cannot shutdown/reboot PC (they can log out).

I found this Ubuntu bug:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1872282

Which points to this systemd bug:
https://github.com/systemd/systemd/issues/15149

Thanks for your attention to this matter.
Comment 1 Franck Bui 2020-04-23 13:54:11 UTC
It seems that the fix is part of v245.5 (commit 64fdacd5f13ef896f89b3dca2305182a29b73bae) but we're only at v245.4.

I'm going to update Base:System with v245.5 and push a new release shortly.

Thanks for the report.
Comment 2 Franck Bui 2020-04-24 06:19:54 UTC
I submitted the fix through https://build.opensuse.org/request/show/796764, hence closing.