On a whim I disabled iptables on the server, and voila, it worked. I'll have to investigate which firewall rules are breaking this. It's strange that the firewall causes no issues with normal reading/writing to the NFS share from the console, etc. Oliver On Fri, 27 Aug 2004 09:55:08 -0400, Oliver Aaltonen <aaltonen@xxxxxxxxx> wrote: > I will also add the messages from the working "guest2" account that is > authenticated via LDAP on the server, the only difference being the > account's local home directory (as opposed to the NFS-mounted home > directories of the problematic accounts): > > Aug 27 09:38:23 ibmlnx21 gdm(pam_unix)[18195]: check pass; user unknown > Aug 27 09:38:23 ibmlnx21 gdm(pam_unix)[18195]: authentication failure; > logname= uid=0 euid=0 tty=:0 ruser= rhost= > Aug 27 09:38:23 ibmlnx21 gdm(pam_unix)[18195]: session opened for user > guest2 by (uid=0) > Aug 27 09:38:23 ibmlnx21 gconfd (guest2-18381): starting (version > 2.2.1), pid 18381 user 'guest2' > Aug 27 09:38:23 ibmlnx21 gconfd (guest2-18381): Resolved address > "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only config > source at position 0 > Aug 27 09:38:23 ibmlnx21 gconfd (guest2-18381): Resolved address > "xml:readwrite:/tmp/guest2/.gconf" to a writable config source at > position 1 > Aug 27 09:38:23 ibmlnx21 gconfd (guest2-18381): Resolved address > "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only config > source at position 2 > Aug 27 09:38:23 ibmlnx21 xinetd[18391]: warning: can't get client > address: Transport endpoint is not connected > > Oliver > > > > On Fri, 27 Aug 2004 08:58:49 -0400, Oliver Aaltonen <aaltonen@xxxxxxxxx> wrote: > > These are the log entries in /var/log/messages that occur when I log > > in as "guest": > > > > Aug 27 08:50:24 ibmlnx21 gdm(pam_unix)[18097]: check pass; user unknown > > Aug 27 08:50:24 ibmlnx21 gdm(pam_unix)[18097]: authentication failure; > > logname= uid=0 euid=0 tty=:0 ruser= rhost= > > Aug 27 08:50:24 ibmlnx21 gdm(pam_unix)[18097]: session opened for user > > guest by (uid=0) > > Aug 27 08:50:25 ibmlnx21 gconfd (guest-18164): starting (version > > 2.2.1), pid 18164 user 'guest' > > > > And that's all, the X session sits there with a blank screen and a cursor. > > > > Oliver > > > > > > > > On Thu, 26 Aug 2004 21:54:59 +0200, Jyce <jyce@xxxxxxx> wrote: > > > You can maybe try to connect with a "normal user" and then > > > swith to first console and take a look at /var/log to see any error > > > (ie ls -ltr /var/log and cat the last modified file). > > > By the Way I don't use GDM or KDM but XDM, so you should > > > take a look at the {g,k}dm.log if it exist. > > > > > > HTH > > > > > > > > > > > > ----- Original Message ----- > > > From: "Oliver Aaltonen" <aaltonen@xxxxxxxxx> > > > To: "Jyce" <jyce@xxxxxxx> > > > Cc: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx>; "Brian > > > D. McGrew" <brian@xxxxxxxxxxxxxxxxxxx> > > > Sent: Thursday, August 26, 2004 9:39 PM > > > Subject: Re: GNOME Login Problem > > > > > > > Yes, I can open an xterm using any users account. Every normal user > > > > has rights to access anything in thier directory of the NFS-mounted > > > > /home directory. I have no problem reading and writing to their > > > > directories when I'm logged in at a console either locally on the > > > > client machine or remotely via SSH. > > > > > > > > Oliver > > > > > > > > On Thu, 26 Aug 2004 21:36:34 +0200, Jyce <jyce@xxxxxxx> wrote: > > > > > When logged as root can you change from user in an xterm > > > > > (ie. xterm -e su - $user ). > > > > > I think that normal user doesn't have enough rights to access the > > > nfs > > > > > mounted partition. > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > From: "Oliver Aaltonen" <aaltonen@xxxxxxxxx> > > > > > To: "Brian D. McGrew" <brian@xxxxxxxxxxxxxxxxxxx> > > > > > Cc: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx> > > > > > Sent: Thursday, August 26, 2004 8:30 PM > > > > > Subject: Re: GNOME Login Problem > > > > > > > > > > > No luck. I did what you had suggested (with the exception of "chmod > > > > > > -Rh", since "-h" is an invalid option), and attempting to log in > > > > > > results in the same problem. The local root user on the client machine > > > > > > can now read and write to the test user's home directory, unlike > > > > > > before, but otherwise there was no change in behavior. > > > > > > > > > > > > Oliver > > > > > > > > > > > > On Thu, 26 Aug 2004 11:15:57 -0700, Brian D. McGrew > > > > > > <brian@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > Ok ... So we're thinking a permissions or authentication problem > > > now; > > > > > > > since a local user is working just fine. I assume that you still > > > have > > > > > > > a test user who's still on the NFS mounted /home right? > > > > > > > > > > > > > > This is totally un-secure and generally a bad idea but since the > > > user > > > > > > > will soon be deleted, go to /home and do a chmod -Rh 777 <user_dir> > > > and > > > > > > > then try and log in again. I think it'll work. In fact, just to > > > see > > > > > > > what files (if any) are changed, do it in this order: > > > > > > > > > > > > > > 1) cd /home; find ./<user_dir> -print >> /tmp/orig_files.txt > > > > > > > 2) chmod -Rh 777 <user_dir> > > > > > > > 3) Login (I think it'll work) > > > > > > > 4) If it does work, cd /home; find ./<user_dir> -print >> > > > > > > > /tmp/new_files.txt > > > > > > > 5) diff /tmp/orig_files.txt /tmp/new_files.txt (To see what's > > > changed) > > > > > > > > > > > > > > -brian > > > > > > > > > > > > > > Brian D. McGrew { brian@xxxxxxxxxxxxxxxxxxx || > > > > > > > pacemakertaker@xxxxxxxxx } > > > > > > > -- > > > > > > > > YOU! Off my planet! > > > > > > > > > > > > > > > > > > > > > On Aug 26, 2004, at 11:07 AM, Oliver Aaltonen wrote: > > > > > > > > > > > > > > > Network connectivity is normal and working fine. As I mentioned, I > > > can > > > > > > > > log in through a console, SSH, failsafe, etc. and operate fine. I > > > am > > > > > > > > using LDAP for authentication. > > > > > > > > > > > > > > > > All routing and DNS settings are fine, and the network works as > > > > > > > > normal. The root user can operate any network-utilizing utilities > > > fine > > > > > > > > from within GNOME, and console-based and X utilities work for > > > everyone > > > > > > > > else, just not from within GNOME. > > > > > > > > > > > > > > > > I created another test account, this time pointing to a different > > > home > > > > > > > > directory, this time using the local directory /tmp/guest2 instead > > > of > > > > > > > > the default, NFS-mounted /home/guest2. I was able to log into > > > GNOME > > > > > > > > successfully. > > > > > > > > > > > > > > > > Any ideas? > > > > > > > > > > > > > > > > Oliver > > > > > > > > > > > > > > > > On Thu, 26 Aug 2004 10:53:31 -0700, Brian D. McGrew > > > > > > > > <brian@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > >> OK ... So then it's pretty safe to assume that it's not something > > > in > > > > > > > >> the environment then. How about network connectivity? Are you > > > able > > > > > > > >> to > > > > > > > >> reach the rest of your network without any problems? What are > > > you > > > > > > > >> using for authentication? NIS or LDAP? > > > > > > > >> > > > > > > > >> What about your defualtrouter and DNS setup, is that all correct? > > > I > > > > > > > >> assume that you can open a browser and get to the web ok (logged > > > in > > > > > as > > > > > > > >> root, of course)? > > > > > > > >> > > > > > > > >> Also one lat thing to try ... Create a user that's in your > > > > > > > >> authentication system but put the home directory local on the > > > > > > > >> workstation and see if that works? I'm wondering if there is > > > some > > > > > > > >> issue with write permissions in the authentication process. > > > > > > > >> > > > > > > > >> -brian > > > > > > > >> > > > > > > > >> Brian D. McGrew { brian@xxxxxxxxxxxxxxxxxxx || > > > > > > > >> pacemakertaker@xxxxxxxxx } > > > > > > > >> -- > > > > > > > >>> YOU! Off my planet! > > > > > > > >> > > > > > > > >> > > > > > > > >> On Aug 26, 2004, at 10:46 AM, Oliver Aaltonen wrote: > > > > > > > >> > > > > > > > >>> Using RHEL3's defaults. > > > > > > > >>> > > > > > > > >>> [guest@ibmlnx21 guest]$ cat .bashrc > > > > > > > >>> # .bashrc > > > > > > > >>> > > > > > > > >>> # User specific aliases and functions > > > > > > > >>> > > > > > > > >>> # Source global definitions > > > > > > > >>> if [ -f /etc/bashrc ]; then > > > > > > > >>> . /etc/bashrc > > > > > > > >>> fi > > > > > > > >>> [guest@ibmlnx21 guest]$ cat .bash_profile > > > > > > > >>> # .bash_profile > > > > > > > >>> > > > > > > > >>> # Get the aliases and functions > > > > > > > >>> if [ -f ~/.bashrc ]; then > > > > > > > >>> . ~/.bashrc > > > > > > > >>> fi > > > > > > > >>> > > > > > > > >>> # User specific environment and startup programs > > > > > > > >>> > > > > > > > >>> PATH=$PATH:$HOME/bin > > > > > > > >>> > > > > > > > >>> export PATH > > > > > > > >>> unset USERNAME > > > > > > > >>> [guest@ibmlnx21 guest]$ echo $PATH > > > > > > > >>> > > > /usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/home/ > > > > > > > >>> guest/bin > > > > > > > >>> > > > > > > > >>> Oliver > > > > > > > >>> > > > > > > > >>> On Thu, 26 Aug 2004 10:34:57 -0700, Brian D. McGrew > > > > > > > >>> <brian@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > >>>> Show us your .bash_profile and .bashrc files. Are all the > > > users > > > > > > > >>>> using > > > > > > > >>>> default system files or are any of these customized? Also, is > > > > > > > >>>> /usr/X11R6/bin in your path and /usr/X11R6/lib in your > > > > > > > >>>> LD_LIBRARY_PATH? > > > > > > > >>>> > > > > > > > >>>> -brian > > > > > > > >>>> > > > > > > > >>>> Brian D. McGrew { brian@xxxxxxxxxxxxxxxxxxx || > > > > > > > >>>> pacemakertaker@xxxxxxxxx } > > > > > > > >>>> -- > > > > > > > >>>>> YOU! Off my planet! > > > > > > > >>>> > > > > > > > >>>> > > > > > > > >>>> On Aug 26, 2004, at 10:32 AM, Oliver Aaltonen wrote: > > > > > > > >>>> > > > > > > > >>>>> Yes, I should have mentioned that as well. KDE sits at the > > > same > > > > > > > >>>>> blank > > > > > > > >>>>> screen with cursor after successfully authenticating the user > > > via > > > > > > > >>>>> GDM. > > > > > > > >>>>> As I mentioned previously, the "failsafe" session works fine. > > > > > > > >>>>> > > > > > > > >>>>> Oliver > > > > > > > >>>>> > > > > > > > >>>>> On Thu, 26 Aug 2004 10:24:40 -0700, Brian D. McGrew > > > > > > > >>>>> <brian@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > >>>>>> Those two lines look good. The only reason for the > > > automounter > > > > > > > >>>>>> would > > > > > > > >>>>>> be a matter of simplicity not functionality. > > > > > > > >>>>>> > > > > > > > >>>>>> Have you tried logging in with KDE or any other window > > > manager > > > > > > > >>>>>> besides > > > > > > > >>>>>> gnome? > > > > > > > >>>>>> > > > > > > > >>>>>> -brian > > > > > > > >>>>>> > > > > > > > >>>>>> Brian D. McGrew { brian@xxxxxxxxxxxxxxxxxxx || > > > > > > > >>>>>> pacemakertaker@xxxxxxxxx } > > > > > > > >>>>>> -- > > > > > > > >>>>>>> YOU! Off my planet! > > > > > > > >>>>>> > > > > > > > >>>>>> > > > > > > > >>>>>> On Aug 26, 2004, at 10:19 AM, Oliver Aaltonen wrote: > > > > > > > >>>>>> > > > > > > > >>>>>>> Relevant line from server's /etc/exports: > > > > > > > >>>>>>> /home 128.119.158.0/24(rw,sync) > > > > > > > >>>>>>> > > > > > > > >>>>>>> Relevant line from client's /etc/fstab: > > > > > > > >>>>>>> 128.119.163.32:/home /home nfs > > > > > > > >>>>>>> rw,hard,intr > > > > > > > >>>>>>> 0 0 > > > > > > > >>>>>>> > > > > > > > >>>>>>> I did not consider using the automounter, since I assumed a > > > > > > > >>>>>>> simple > > > > > > > >>>>>>> mount via fstab would do the trick. I will look into this. > > > > > > > >>>>>>> > > > > > > > >>>>>>> Oliver > > > > > > > >>>>>>> > > > > > > > >>>>>>> On Thu, 26 Aug 2004 10:08:59 -0700, Brian D. McGrew > > > > > > > >>>>>>> <brian@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > >>>>>>>> Ok ... so if it occurs with a brand new user with nothing > > > > > > > >>>>>>>> special > > > > > > > >>>>>>>> in > > > > > > > >>>>>>>> the login, (unlike my login environment which is going 14 > > > years > > > > > > > >>>>>>>> old > > > > > > > >>>>>>>> now) then lets have a look at your /etc/fstab on the client > > > and > > > > > > > >>>>>>>> the > > > > > > > >>>>>>>> /etc/exports file from the server. > > > > > > > >>>>>>>> > > > > > > > >>>>>>>> Also, if I may ask, why aren't you using the automounter > > > (amd) > > > > > > > >>>>>>>> instead > > > > > > > >>>>>>>> of hard mounting the in the fstab? > > > > > > > >>>>>>>> > > > > > > > >>>>>>>> -brian > > > > > > > >>>>>>>> > > > > > > > >>>>>>>> Brian D. McGrew { brian@xxxxxxxxxxxxxxxxxxx || > > > > > > > >>>>>>>> pacemakertaker@xxxxxxxxx } > > > > > > > >>>>>>>> -- > > > > > > > >>>>>>>>> YOU! Off my planet! > > > > > > > >>>>>>>> > > > > > > > >>>>>>>> > > > > > > > >>>>>>>> On Aug 26, 2004, at 10:00 AM, Oliver Aaltonen wrote: > > > > > > > >>>>>>>> > > > > > > > >>>>>>>>> Brian, > > > > > > > >>>>>>>>> > > > > > > > >>>>>>>>> I should mention this happens with all of the users. I've > > > even > > > > > > > >>>>>>>>> created > > > > > > > >>>>>>>>> some "fresh" accounts, using RHEL3's defaults, and the > > > same > > > > > > > >>>>>>>>> problems > > > > > > > >>>>>>>>> occur. > > > > > > > >>>>>>>>> > > > > > > > >>>>>>>>> Here are the permissions under one of the test accounts: > > > > > > > >>>>>>>>> drwx------ 5 guest guest 4096 Aug 26 16:20 . > > > > > > > >>>>>>>>> drwxr-xr-x 5 root root 4096 Aug 25 14:13 .. > > > > > > > >>>>>>>>> -rw------- 1 guest guest 60 Aug 26 14:32 > > > > > > > >>>>>>>>> .bash_history > > > > > > > >>>>>>>>> -rw-r--r-- 1 guest guest 24 Sep 18 2003 > > > > > > > >>>>>>>>> .bash_logout > > > > > > > >>>>>>>>> -rw-r--r-- 1 guest guest 191 Sep 18 2003 > > > > > > > >>>>>>>>> .bash_profile > > > > > > > >>>>>>>>> -rw-r--r-- 1 guest guest 124 Sep 18 2003 > > > > > ..bashrc > > > > > > > >>>>>>>>> drwx------ 3 guest guest 4096 Aug 25 18:00 > > > > > ..gconfd > > > > > > > >>>>>>>>> drwxr-xr-x 2 guest guest 4096 Aug 25 18:00 > > > > > ..gnome2 > > > > > > > >>>>>>>>> -rw-r--r-- 1 guest guest 120 Aug 20 2003 > > > ..gtkrc > > > > > > > >>>>>>>>> -rw-rw-r-- 1 guest guest 11 Aug 26 14:31 > > > > > > > >>>>>>>>> guest_test.txt > > > > > > > >>>>>>>>> drwxr-xr-x 3 guest guest 4096 Aug 24 14:01 > > > ..kde > > > > > > > >>>>>>>>> -rw------- 1 guest guest 607 Aug 26 14:31 > > > > > > > >>>>>>>>> .viminfo > > > > > > > >>>>>>>>> -rw------- 1 guest guest 0 Aug 26 16:20 > > > > > > > >>>>>>>>> .Xauthority > > > > > > > >>>>>>>>> -rw------- 1 guest guest 0 Aug 26 16:20 > > > > > > > >>>>>>>>> .xsession-errors > > > > > > > >>>>>>>>> > > > > > > > >>>>>>>>> Oliver > > > > > > > >>>>>>>>> > > > > > > > >>>>>>>>> On Thu, 26 Aug 2004 09:50:41 -0700, Brian D. McGrew > > > > > > > >>>>>>>>> <brian@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > >>>>>>>>>> I would have a look in the users home directory and make > > > sure > > > > > > > >>>>>>>>>> that > > > > > > > >>>>>>>>>> you > > > > > > > >>>>>>>>>> have correct permissions on all the dot files (.gnome, > > > > > ..gtkrc, > > > > > > > >>>>>>>>>> etc) > > > > > > > >>>>>>>>>> and > > > > > > > >>>>>>>>>> that the correct ownership is set. I saw this problem > > > once > > > > > on > > > > > > > >>>>>>>>>> Solaris > > > > > > > >>>>>>>>>> with Sun's gnome recently. > > > > > > > >>>>>>>>>> > > > > > > > >>>>>>>>>> -brian > > > > > > > >>>>>>>>>> > > > > > > > >>>>>>>>>> Brian D. McGrew { brian@xxxxxxxxxxxxxxxxxxx || > > > > > > > >>>>>>>>>> pacemakertaker@xxxxxxxxx } > > > > > > > >>>>>>>>>> -- > > > > > > > >>>>>>>>>>> YOU! Off my planet! > > > > > > > >>>>>>>>>> > > > > > > > >>>>>>>>>> > > > > > > > >>>>>>>>>> On Aug 26, 2004, at 9:48 AM, Oliver Aaltonen wrote: > > > > > > > >>>>>>>>>> > > > > > > > >>>>>>>>>>> I am experiencing a problem logging onto the GNOME > > > desktop > > > > > > > >>>>>>>>>>> with > > > > > > > >>>>>>>>>>> the > > > > > > > >>>>>>>>>>> following setup: > > > > > > > >>>>>>>>>>> > > > > > > > >>>>>>>>>>> Server (RHEL3 AS) is exporting /home via NFS and running > > > an > > > > > > > >>>>>>>>>>> LDAP > > > > > > > >>>>>>>>>>> server for authentication. Client (RHEL3 WS) is mounting > > > > > > > >>>>>>>>>>> /home > > > > > > > >>>>>>>>>>> via > > > > > > > >>>>>>>>>>> an > > > > > > > >>>>>>>>>>> entry in /etc/fstab. > > > > > > > >>>>>>>>>>> > > > > > > > >>>>>>>>>>> The mount works fine, and client is set up for LDAP > > > > > > > >>>>>>>>>>> authentication > > > > > > > >>>>>>>>>>> correctly. I can log in through the console or SSH into > > > the > > > > > > > >>>>>>>>>>> client > > > > > > > >>>>>>>>>>> machine and access the user's home directory and work > > > > > > > >>>>>>>>>>> perfectly > > > > > > > >>>>>>>>>>> normally. > > > > > > > >>>>>>>>>>> > > > > > > > >>>>>>>>>>> The only problem I have is when I try to log onto the > > > client > > > > > > > >>>>>>>>>>> machine > > > > > > > >>>>>>>>>>> using GDM to run X locally. If I log in as one of the > > > users > > > > > > > >>>>>>>>>>> on > > > > > > > >>>>>>>>>>> the > > > > > > > >>>>>>>>>>> server, with their home directory in the mounted share, > > > the > > > > > > > >>>>>>>>>>> user > > > > > > > >>>>>>>>>>> is > > > > > > > >>>>>>>>>>> authenticated and the screen turns blank with a cursor > > > and > > > > > > > >>>>>>>>>>> sits > > > > > > > >>>>>>>>>>> there, > > > > > > > >>>>>>>>>>> not bringing up a GNOME desktop. I can log in through > > > GDM > > > > > > > >>>>>>>>>>> into > > > > > > > >>>>>>>>>>> a > > > > > > > >>>>>>>>>>> "failsafe" session, but not GNOME. If I log in as root > > > on > > > > > the > > > > > > > >>>>>>>>>>> client > > > > > > > >>>>>>>>>>> machine, everything works fine, and the GNOME desktop > > > comes > > > > > > > >>>>>>>>>>> up > > > > > > > >>>>>>>>>>> correctly. > > > > > > > >>>>>>>>>>> > > > > > > > >>>>>>>>>>> There are no obvious errors in the logs that I can find. > > > > > > > >>>>>>>>>>> > > > > > > > >>>>>>>>>>> Any thoughts? Thanks in advance, > > > > > > > >>>>>>>>>>> > > > > > > > >>>>>>>>>>> Oliver > > > > > > > >>>>>>>>>>> > > > > > > > > -- > > > > > > Cordialement, > > > Jean-Christophe VALIERE > > > > > > > > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list