The "nologin" Ghost
I was in the middle of learning the method of booting into different system targets as part of the RHCSA exam requirements. One of the targets I was booting into was the multi-user.target from the graphical.target. From the commandline, I used the command, #systemctl isolate multi-user.target. The Xserver halted and I was at a shell login prompt.
Switching back was simply the same method. However, the system displayed an error message, weird. The error message stated that this user was not allowed to login because of a module "pam_nologin" was preventing it. What? I know for certain my account was not using the "nologin" shell. How pam_nologin got involved is beyond me.
From reading the man page of pam_nologin, it did explain that this particular module was meant to prevent logins of un-privilege users, not root users, if two files existed, /etc/nologin or /var/run/nologin. If such a file existed then pam_nologin will return the value PAM_AUTH_ERR meaning there is a restriction of un-privilege user logins. If not, it will return the value, PAM_SUCCESS meaning the file does not exist. It did not see any of these values display. Perhaps these were meant for the kernel. Following the error message was the value [successok]. I guess that meant the file existed. That is just my guess.
Now the hunt begins. If such a file existed, which it shouldn't, then it must be removed. There was no file /etc/nologin. There was however a file /var/run/nologin. Simply removed the file using the root account, logged out and back in using my primary account and SUCCESS. Was able to switch back to the graphical target.
Not sure how or why pam_nologin loaded the "nologin" file. This is something that requires further investigation. Just simply removing the file may not work come the next time. Looks like RedHat taught me well on how to read manpages and the method of troubleshooting.
Switching back was simply the same method. However, the system displayed an error message, weird. The error message stated that this user was not allowed to login because of a module "pam_nologin" was preventing it. What? I know for certain my account was not using the "nologin" shell. How pam_nologin got involved is beyond me.
From reading the man page of pam_nologin, it did explain that this particular module was meant to prevent logins of un-privilege users, not root users, if two files existed, /etc/nologin or /var/run/nologin. If such a file existed then pam_nologin will return the value PAM_AUTH_ERR meaning there is a restriction of un-privilege user logins. If not, it will return the value, PAM_SUCCESS meaning the file does not exist. It did not see any of these values display. Perhaps these were meant for the kernel. Following the error message was the value [successok]. I guess that meant the file existed. That is just my guess.
Now the hunt begins. If such a file existed, which it shouldn't, then it must be removed. There was no file /etc/nologin. There was however a file /var/run/nologin. Simply removed the file using the root account, logged out and back in using my primary account and SUCCESS. Was able to switch back to the graphical target.
Not sure how or why pam_nologin loaded the "nologin" file. This is something that requires further investigation. Just simply removing the file may not work come the next time. Looks like RedHat taught me well on how to read manpages and the method of troubleshooting.
Comments
Post a Comment