[ovirt-users] Re: unable to login cockpit using root after upgrading to 4.4.6
On Tue, May 18, 2021 at 7:39 AM <jabeard24(a)gmail.com> wrote:
Hello.
I'm having the same issue with cockpit on the nodes. I'm unable to login
as root or local user. I went from 4.4.5 to 4.4.6. It worked fine before
the upgrade. I know the password is correct because I can log into the node
via console and ssh. On one of the nodes I created a local account and have
the same issue. The admin account works fine on the hosted engine VM.
I have not 4.4.6 yet, but could it be a change in /etc/pam.d/cockpit file?
On my 4.4.5 CentOS 8.3 based host, where I can connect as root in cockpit
host console, I currently have this:
#%PAM-1.0
# this MUST be first in the "auth" stack as it sets PAM_USER
# user_unknown is definitive, so die instead of ignore to avoid subsequent
modules mess up the error code
-auth [success=done new_authtok_reqd=done user_unknown=die
default=ignore] pam_cockpit_cert.so
auth required pam_sepermit.so
auth substack password-auth
auth include postlogin
auth optional pam_ssh_add.so
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in
the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session optional pam_ssh_add.so
session include password-auth
session include postlogin
Gianluca
Attachments:
- attachment.html (text/html — 2.1 KB)