Hi, I found this strange behaviour: I am using NIS with shadow passwords. If I try to login as a user through kdm I get "Login failed". Other login managers (console login, xdm) are working correctly. Note that once you manage to login (e.g. using xdm), the kde lock screen will return a password failure as well. kdm works fine for user "root". I've also tried to disable NIS, create a "test" user and copy my encrypted passwd to the "test" entry in the /etc/shadow file. kdm fails with "Login failed" for user "test". I deduce NIS is not the problem. Then I have assigned a locally generated passwd to "test". This was created as an md5 passwd and kdm works correctly. Is that some trouble with kde and non-md5 passwords? Thanks!
Trying to narrow it down: I have removed the kdebase, kdelibs and kdesupport that come with redhat 6.2 and installed the older kde 1.1.2 packages I was using with Redhat 6.1: kdebase-1.1.2-11.i386.rpm kdebase-lowcolor-icons-1.1.2-11.i386.rpm kdelibs-1.1.2-9.i386.rpm kdelibs-devel-1.1.2-9.i386.rpm kdesupport-1.1.2-3.i386.rpm With the old version I can login again.
I have noticed that if you comment out the line auth required /lib/security/pam_shells.so from the file "/etc/pam.d/kde", both kdm and klock will work correctly. Now, why kde is using the "/lib/security/pam_shells.so" module? Any security implications in my action?
IF your users shell is not listed in /etc/shells they won't be able to login. MAke sure the COMPLETE path to your users shell is listed in /etc/shells and kdm and klock should work.
It's a feature - users with a shell of /dev/null, /bin/false or anything else that is not listed in /etc/shells aren't supposed to be able to log in.