NEW USER CANNOT LOGIN AFTER CREATION

Dear all,

I wonder if anyone else has had this strange problem:

I create a new user in yast, allowing it to set the default user id and groups, as usual. I set a username and password, and change the home directory to the correct place for it.
All the usual steps in creating a user on the system.

After this, I can ssh into the new user’s filespace, so it exists, and the username/password is definitely correct.

When I go to login as them however, I get “login failed”. This has happened for two new users today, but all the existing users are fine.
I can’t see (given the filespace exists and the login details are correct) what could cause this.

Any advice would be greatly appreciated!

Thanks,
Chris

What OS version? What Desktop Environment (e.g. KDE, Gnome, console)?
Please elucidate “change the home directory to the correct place for it”

1. Welcome to these forums.

2. When you have surfed a bit around here, you would have seen that nobody shouts at the others by using all upercase characters. We will see your thread also when you just talk normal.

3. When you have read through a few threads here to get a feeling for this forum, you will have seen that we are not clairvoyant and that mentioning the maximum amount of information helps enormously in encouraging people to help you. When they have to ask you for all and everything that should be obvious that you mention it (like eng-int does above) many people will turn away from your thread which is not in your favour.

4. And yes, I am also interested in why you changed the home directory to what you think is the correct place. Give us the an idea of this place and it’s status with an* ls -l *of it.

5. A feature on this forums that is rather hidden, but needed much, is the placing of computer text between CODE tags: Posting in Code Tags - A Guide

According to UNIX/linux standards, the place for new users is: /home/USERNAME

Yes, of course, and that is what YaST uses. But the OP states “change the home directory to the correct place for it.”. Thus making us curious. Not only why he thinks that that is “more correct” then YaST thinks (because that is probably, but not for sure, unimportant for his problem), but also to check if the “correct place” is correct wrt the owner, group, access bits, etc. of itself and the path leading to it.

On 2011-09-20 11:46, cjheard wrote:
>
> Dear all,

Please do not shout.

>
> I wonder if anyone else has had this strange problem:
>
> I create a new user in yast, allowing it to set the default user id and
> groups, as usual. I set a username and password, and change the home
> directory to the correct place for it.

And that correct place is…? And why do you change the default?

> All the usual steps in creating a user on the system.
>
> After this, I can ssh into the new user’s filespace, so it exists, and
> the username/password is definitely correct.

How much freespace?

> When I go to login as them however, I get “login failed”.

Login how? Into what?

Is there any info in the log?

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

Ok, sorry for the Caps, that was an accident, I hadn’t realised I was on caps until I’d submitted! Apologies.

Anyway - I’m running suse 11.3 with the KDE4.4.4 desktop.

I am adding to our server, with users being added to existing groups, so /home/USER is not correct, I need it at /home/group1/USER.
This is how all our users are set up, and I’ve never had any trouble adding users in this way before, so I would be slightly surprised if it was an issue with the path to this directory, or problems of this kind, but it could be, of course.

To clarify with the login: Our machines are terminals connected by a NIS server, so you login with a username and password of one of the users defined on the filesystem of that server. I can login with any of the old users, and gain access to the machine, but not with the new, despite the fact that I know the user exists, has a filespace, and this space can be accessed with ssh. That is the strange thing. The new user can access files, and could do work through ssh, but cannot actually log on to one of the terminals.

ls -l gives me this:

total 8
drwxr-xr-x 2 ivaylo johnston 4096 2011-09-19 16:29 bin
drwxr-xr-x 2 ivaylo johnston 4096 2011-09-19 16:29 public_html

for new user ivaylo in group johnston, with home directory (from pwd)

/user/johnston/ivaylo

Regarding free space: df -h gives me

Filesystem            Size  Used Avail Use% Mounted on
/dev/sda3              38G   35G  1.1G  97% /
devtmpfs              3.9G  180K  3.9G   1% /dev
tmpfs                 3.9G  4.0K  3.9G   1% /dev/shm
/dev/sda1             198M   59M  129M  32% /boot
/dev/sdb2             131G   86G   39G  69% /data
/dev/md0              917G  624G  247G  72% /home
/dev/sdb1              99G   55G   39G  59% /software
che-gwlinux:/global64
                      153G  1.3G  152G   1% /global64
/dev/sdd1             917G  622G  250G  72% /usbdisk

for the system overall.

If I access the system as root, it performs a check of users and their filespaces, and gives:

1        ivaylo         Fine

as the entry for this new user.

There is nothing related to the failed logins in the /var/log/messages file after failing to login as this user.

Thanks for the interest, hopefully I have given some relevant information here, sorry if I am missing anything basic, this is all fairly new to me.
Please let me know if there are obvious other things to look into, or whether you know of any likely reasons for this.

Regards,

Chris

On 2011-09-20 19:26, cjheard wrote:

> Regarding free space: df -h gives me
>
>
> Code:
> --------------------
> Filesystem Size Used Avail Use% Mounted on
> /dev/sda3 38G 35G 1.1G 97% /
> devtmpfs 3.9G 180K 3.9G 1% /dev
> tmpfs 3.9G 4.0K 3.9G 1% /dev/shm
> /dev/sda1 198M 59M 129M 32% /boot
> /dev/sdb2 131G 86G 39G 69% /data
> /dev/md0 917G 624G 247G 72% /home
> /dev/sdb1 99G 55G 39G 59% /software
> che-gwlinux:/global64
> 153G 1.3G 152G 1% /global64
> /dev/sdd1 917G 622G 250G 72% /usbdisk
>
> --------------------

/home is OK, but there is little space for temporary files in /tmp. That’s
the only thing it occurs to me now.

>
>
> for the system overall.
>
> If I access the system as root, it performs a check of users and their
> filespaces, and gives:

Which program does this check?

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

Linux (and most Unices) will only allow a root login once the root partition exceeds 95% use; otherwise it would be difficult to clean up.

# rm -r /tmp/*
# find /var/tmp/ -depth -mtime +7 -exec rm -r {} \;
# find /var/log/ -depth -mtime +32 -exec rm -r {} \;

generally works. But also check for a runaway log file that is not being compressed/archived.

On 09/20/2011 07:26 PM, cjheard wrote:
> ls -l gives me this:
>
> Code:
> --------------------
> total 8
> drwxr-xr-x 2 ivaylo johnston 4096 2011-09-19 16:29 bin
> drwxr-xr-x 2 ivaylo johnston 4096 2011-09-19 16:29 public_html

i’d like to see, the in/output of this:

ls -hal /home

–
DD
Caveat
openSUSE®, the “German Automobiles” of operating systems

Thanks for the further info you give.

One more remark: it is better to post the whole sequence of prompt, command and output and not just the output. This will show exactly what you do, where you are and if you are root or not. E.g.

boven:~ # ls -la /home
total 56
drwxr-xr-x 11 root     root   4096 May 24 12:44 .
drwxr-xr-x 23 root     root   4096 Sep 20 10:22 ..
drwxr-xr-x 42 beheerbv users  4096 May 16 16:50 beheerbv
drwxr-xr-x  6 mysql    mysql  4096 May 26 13:01 databases
drwxr-xr-x 80 henk     wij    4096 Sep 20 21:44 henk
drwx------  2 root     root  16384 Oct 25  2009 lost+found
drwxr-xr-x 10 marian   wij    4096 Apr 22  2009 marian
drwxr-xr-x 12 mgi      users  4096 Sep 20 10:42 mgi
drwxr-xr-x 17 smweb    www    4096 Sep 20 10:25 smweb
drwxr-xr-x  8 wappl    www    4096 Jun 27 14:09 wappl
drwxrwxrwx 12 henk     wij    4096 Mar  5  2011 wij
boven:~ #

shows that root did a statement and what was the result, not needing any explanation.

I agree with Carlos that 97% for / is normaly far to high. Because you do not have a separate /tmp this will not allow any login from a normal user (most logins need some file in /tmp) or when it succeeds, the user will got stuck when starting most applications. root is allowed to use the meagre rest (e.g. for loging to function), but wen you do not take any action here you will be at 100% and completly stuck before long.

BTW this means that not only the new user, but most/all users will experience the same problem.

As requested,

ivaylo@fs2chem:~> ls -hal /home
total 36K
drwxr-xr-x  9 root root     4.0K 2011-09-19 16:42 .
drwxr-xr-x 27 root root     4.0K 2011-06-13 19:19 ..
drwxr-xr-x  2 root root     4.0K 2011-05-26 16:37 fs2chem_old_users
drwxr-xr-x  2 root root     4.0K 2011-03-04 15:06 hypatia_old_users
drwxr-xr-x 21 root johnston 4.0K 2011-09-20 09:36 johnston
drwx------  2 root root     4.0K 2009-02-24 15:30 lost+found
drwxr-xr-x  2 root root     4.0K 2011-03-14 17:31 stchem_old_users
drwxr-xr-x 22 root root     4.0K 2010-11-22 10:20 teaching
lrwxrwxrwx  1 root root        5 2011-02-18 11:46 user -> /user
drwxr-xr-x 28 root worth    4.0K 2011-09-19 16:28 worth

you can see the two main groups, johnston and worth, the former contains the users I am interested in, including me (cheard) and the new ones (including ivaylo).

I don’t know what the program is that runs the check of the filespaces on logging in as root - it just prints:

cheard@fs2chem:~> ssh root@fs2chem
Password:
Last login: Wed Sep 21 16:30:40 2011 from che-rjlinux1.bham.ac.uk
Welcome to Fs2chem
User Space Consumption on Last Check

********** Tue Sep 20 20:00:01 BST 2011 **********
Checking /home/johnston/
1575     alina  Fine
42328    andylogsdail   Fine
8766     cheard         Fine
1        guestjohnston  Fine
952      haydar         Fine
1        ivaylo         Fine
11947    jguerrero      Fine
27932    lesley         Fine
14399    lwright        Fine
40765    moakley        Fine
13545    pjennings      Fine
39964    pwest  Fine
43333    ramli  Fine
30407    roy    Fine
4025     sheiles        Fine
1106     smeeton        Fine
332      sultana        Fine
1466     tcbham         Fine
130      tran   Fine

I’ve deleted those three directories as suggested, getting sda3 down to 96% - so not enough I assume.
Do you think I need to dive into this disk and have a cull? (I don’t actually know what is stored there, but can look around).

It still seems odd that only the new users would have trouble getting onto the machines if it was a full /tmp, where everyone else has no trouble at all, but I can believe that may be it.
However, when the tmp did fill up in the past, the error on login was not a “login failed” as in this case, but rather the error looked different (it wasn’t immediate, and it at least tried to log you in) which suggests it may not be the same problem this time, to me. The current login failure is exactly what you get when you put in an incorrect password.

I’ll look into the filesystem if you think that is it, but are there any other possible hypotheses?

Thanks very much for the continued investigation,
Chris

Finding what fills up yopur / file system so much is a bit of a try and error method. One could start investigating* /tmp* because often applications (and users!) do not clean up there.

Do you clean /tmp regularly (many do this on boot setting this in YaST > System > /etc/sysconfig editor and then + System +Cron and then configure TEMP_DIRS_TO_CLEAR and eventual friends)?

Else going to / and then using

du -sk *

will give you the sizes of the subdirectories of /. When you think one of them is excessive, cd to it and repeat, thus drilling down to what may be the culprit.

On 09/21/2011 06:56 PM, cjheard wrote:

> As requested,
> ivaylo@fs2chem:~> ls -hal /home
> total 36K
> drwxr-xr-x 9 root root 4.0K 2011-09-19 16:42 .
> drwxr-xr-x 27 root root 4.0K 2011-06-13 19:19 …
> drwxr-xr-x 2 root root 4.0K 2011-05-26 16:37 fs2chem_old_users
> drwxr-xr-x 2 root root 4.0K 2011-03-04 15:06 hypatia_old_users
> drwxr-xr-x 21 root johnston 4.0K 2011-09-20 09:36 johnston
> drwx------ 2 root root 4.0K 2009-02-24 15:30 lost+found
> drwxr-xr-x 2 root root 4.0K 2011-03-14 17:31 stchem_old_users
> drwxr-xr-x 22 root root 4.0K 2010-11-22 10:20 teaching
> lrwxrwxrwx 1 root root 5 2011-02-18 11:46 user → /user
> drwxr-xr-x 28 root worth 4.0K 2011-09-19 16:28 worth

wow…thanks…but, i guess i have to get out of this thread because i
have zero experience of setting up groups the way you have, and well, i
am confused by the way you have done it…

what i mean is, from looking at the above i see three groups

root
johnston
worth

and i see these users only, and no others:

fs2chem_old_users
hypatia_old_users
johnston
stchem_old_users
teaching
user
worth

i would expect the individual who is a member of the group named ‘root’
with the ID of “fs2chem_old_users” to be able to log in, no
problem…same for the user with the ID of “worth” of the group named
“worth”

but as i understand it (if i understand what you wrote) there are
numerous individuals who are able to log in as the user named
“worth”–is that correct? does each use the same password?

or is there a (say) Sam, Sally, and Scott who are members of the
“worth” group, with assigned space at

/home/worth/Sam
/home/worth/Sally
/home/worth/Scott

and each with their own password???

the ‘conventional’ way for that to appear would be more like:

someone@linux-os114: ls -hal /home
drwxr-xr-x 5 root root 4.0K Aug 10 16:40 ./
drwxr-xr-x 24 root root 4.0K Sep 21 17:48 …/
drwxr-xr-x 67 Sam worth 4.0K Sep 21 17:53 Sam/
drwx------ 2 root root 16K May 15 11:21 lost+found/
drwxr-xr-x 30 Sally worth 4.0K Aug 20 19:35 Sally/
drwxr-xr-x 30 Scott worth 4.0K Aug 20 19:35 Scott/
drwxr-xr-x 30 Steve johnston 4.0K Aug 20 19:35 Steve/
etc
etc
etc

so, i’m lost and bailing out…oh, but please show this when you
return: the output of

cat /etc/SuSE-release
cat /etc/issue

> I’ve deleted . . .

WHOA! first tell me you have a good solid backup!
and, then let me tell you that (i have NOT checked to see who above
suggested what, but) not everyone here is a qualified and experienced
Linux Administrator…so, i strongly advise you to move slowly and read
my sig’s caveat before you do anything you think i might have
suggested you do with the layout of your groups and users!

i will be reading this thread with a goal of learning. (i’ve only been
using Linux for over 10 years and know i have a LOT yet to learn!!)

–
DD
Caveat
openSUSE®, the “German Automobiles” of operating systems

In fact, I forgot to study the above. But this is rightout wrong.

The owner of each of those home directories should be the user who’s home directory it is. And the group should be the primary group of that user. And the name of such a home directory should be the username. E.g. when cheard is a user and johnston is his primary group and the entry would be something like:

drwxr-xr-x 21 cheard johnston 4.0K 2011-09-20 09:36 cheard

This is nowhere the case in your* /home.* How did you manage to enter users with this strange result?

Ok, reading again and again, I understand that you made a sort of hierarchical structure within your /home, where home directories are to be found within directories named after the primary groups.

When that is the case, and we ask for the full* ls -l *information of those home directories (especialy th one of the user that can not log in), why did you not post

ls -l /home/johnston

and of course as root (others may not have enough access to do those listings).
I am asking for the prove of correct ownership, group, accessbits since of that users home directory since yesterday (post #3 at 4) ).

As asked,

fs2chem:~ # cat /etc/SuSE-release
openSUSE 11.3 (i586)
VERSION = 11.3
fs2chem:~ # cat /etc/issue
Welcome to openSUSE 11.3 "Teal" - Kernel \r (\l).

hcvv: Yes, you are right about the hierarchy, I obviously didn’t make myself clear in trying to explain this! Sorry about that.
I didn’t know what you were hoping to see with the previous ls-l, so I only used the commands as I was asked, from inside the userspace, and then from the overall home.
The ls -l from /home/johnston is:

fs2chem:~ # ls -l /home/johnston/
total 188
drwxr-xr-x  40 alina         johnston  4096 2011-09-19 09:35 alina
drwxr-xr-x  60 andylogsdail  johnston  4096 2011-09-23 14:05 andylogsdail
drwxr-xr-x  95 cheard        johnston 32768 2011-09-22 21:48 cheard
drwxr-xr-x   6 guestjohnston johnston  4096 2011-09-20 09:36 guestjohnston
drwxr-xr-x  26 haydar        worth     4096 2011-09-22 11:55 haydar
drwxr-xr-x   7 ivaylo        johnston  4096 2011-09-19 17:07 ivaylo

so I don’t think it is a permissions thing.

Chris

Well, several people asked about your ideas of not having the default place for home directories, but what you call the "correct’ place. It is very difficult to have an insight in what people at the other side of the world are doing. Thus any thoughts like “they will understand that” or “they will without doubt do things the same as I do” will create problems in understanding you, your motives and your way of work and thus peoplw will have not even a change in udersatnding the real problem (or they will simply turn away from your thread because they get irritated)…

Now that I understand how you manage home directories, I can say that this is not the first time I see this way of organisation (we did the same on some Unix systems in cooperation with our customer). Especialy when having many users, such an hierarchy may be usefull.

Thanks for that listing. It looks OK for ivaylo. (It seems that haydar is in the wrong place isn’t he?)

I still am not satisfied with that above 95% usage of the root file system. I can perefctly understand tthat a new user, when he logs in in his desktop for the first time, needs some extra space temporary in /tmp. And does: whoops!. And the high usage of / is no good at all. Also a size of 38G for a root partition is outragious. What do you have there? You do have a seperate /data, which is a good idea for putting general data of the applications you run (like databases), but what is then all stored in /? Did you try to identify what filled it up until nothing can be added?

I did not realise this kind of hierarchy is particularly non-standard. I had assumed that having users assigned to groups would be a very common arrangement for a server with a larger number of separate users, but thanks again for pointing out that this is not the case. I will be less succinct in future with my descriptions (though of course my problem is more that I don’t truly know what is generally understood or not). As it is, you are right about haydar and ivaylo, the former is wrongly assigned, (by someone else I hasten to add!!) and ivaylo appears to be as the other users.

This problem has in fact now been resolved, without any work regarding the full disks. As I had thought, the error was not of this type, though the solution was fairly surprising.
Noticing that logging into the machine on the command line with

su ivaylo

produces a “password incorrect” error, it was clear that there was some problem with the NIS broadcasting the password or user information.
What is odd is that the password was known when directly ssh’ing into the filespace, and changing it with

passwd ivaylo

worked - so the machine was doing this correctly, but login with su gave an error.

Recompiling the yp program which deals with this broadcasting fixed the issue (though I don’t fully understand why it should).

Anyway thanks to the various members for all the help and explanations.

Chris

On 2011-09-27 18:06, cjheard wrote:
> Recompiling the yp program which deals with this broadcasting fixed the
> issue (though I don’t fully understand why it should).

Maybe you are using more programs compiled by yourself, or you upgraded
part of the chain with non compatible components.

Did you try “simply” restarting the system?

–
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)