Bug 1829572
Summary: | Login fails after upgrade fo Fedora 32 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Thomas Clark <fedoraproject> |
Component: | nss_nis | Assignee: | Matej Mužila <mmuzila> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 32 | CC: | bugs.kde.attila, DAF1BAB1, edgar.hoch, fjanus, idosch, lnykryn, mmuzila, msekleta, rkudyba, ssahani, s, systemd-maint, zbyszek |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | nss_nis-3.1-5.fc32 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-06-04 02:54:09 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Thomas Clark
2020-04-29 19:35:55 UTC
I have done some more testing; the problem is definitely NIS. An strace on sshd shows that a connection is opened to to socket /run/systemd/userdb/io.systemd.Multiplexer with a 45-second timeout. For both users, the initial request appears to fail on a username lookup. However, for both users the second request is a lookup by uid. The user in /etc/passwd gets a response immediately and is logged in immediately with a file in /run/systemd/users. The NIS user does not get a response and times out after 45 seconds. The user is successfully logged in, but without a file in /run/systemd/users. Desktop login is failing for the NIS user because of no /run/systemd/users file. This was causing issues for me so I gave up waiting and I set up OpenLDAP and alongside LDAP Account Manager (LAM). NIS has been retired here after several years service. Mike. Sorry for the slow reply. Does this occur with selinux enabled? If yes, does enforcing=0 help? I already have enforcing=0. We probably need a same work-around as for logind. Could you please test the following: cp /usr/lib/systemd/system/systemd-logind.service.d/nss_nis.conf /usr/lib/systemd/system/systemd-userdbd.service.d/nss_nis.conf systemctl daemon-reload && systemctl restart systemd-userdbd I don't have a nis setup at hand to test this unfortunately. If that works, I'd submit it as PR for the nss_nis package. That indeed works! I haven't figured out why yet, but I'll take it. Thanks! *** Bug 1837808 has been marked as a duplicate of this bug. *** Ping. Maintainer, please build new packages with includes the fix (pull-request). FEDORA-2020-bb323f2ec3 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-bb323f2ec3 FEDORA-2020-bb323f2ec3 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-bb323f2ec3` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-bb323f2ec3 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. The problem is resolved. Thank you! (In reply to Zbigniew Jędrzejewski-Szmek from comment #5) > We probably need a same work-around as for logind. Could you please test the > following: > > cp /usr/lib/systemd/system/systemd-logind.service.d/nss_nis.conf > /usr/lib/systemd/system/systemd-userdbd.service.d/nss_nis.conf > systemctl daemon-reload && systemctl restart systemd-userdbd Thank you. It works for me too. Is there anybody who can push this update? It's been in testing almost 2 weeks. FEDORA-2020-bb323f2ec3 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report. |