After moving from Leap 42.3 to TW, using zypper dup, the local users, including root, cannot login (neither from console login, ssh,…). Only users that authenticate using Kerberos are allowed to login.
From the login console, if I try to log in a local user (or root) I get
User not known to the underlying authentication module.
I regenerated the pam files with pam-config to have a fresh start but still no luck.
The permissions on /etc/passwd and /etc/shadow are
-rw-r–r-- 1 root root May 23 17:03 /etc/passwd
-rw-r----- 1 root shadown 1250 May 23 18:05 /etc/shadow
the content of common-account is
account requisite pam_unix.so debug try_first_pass
account required pam_krb5.som use_frst_pass
account required pam_localuser.so
I can boot adding init=/bin/sh to have root access, but that does not give me access to log files which are not mounted.
Again, this happened after moving from Leap 42.3 to TW, and only to users that authenticate locally (i.e., the passwd are stored in /etc/passwd). This applies to all manner of logins (console, sddm, ssh, su, sudo).
Any help greatly appreciated.