On Tue, May 18, 2021 at 7:39 AM <jabeard24@gmail.com> wrote:
Hello. I'm having the same issue with cockpit on the nodes. I'm unable to login as root or local user. I went from 4.4.5 to 4.4.6. It worked fine before the upgrade. I know the password is correct because I can log into the node via console and ssh. On one of the nodes I created a local account and have the same issue. The admin account works fine on the hosted engine VM.
I have not 4.4.6 yet, but could it be a change in /etc/pam.d/cockpit file? On my 4.4.5 CentOS 8.3 based host, where I can connect as root in cockpit host console, I currently have this: #%PAM-1.0 # this MUST be first in the "auth" stack as it sets PAM_USER # user_unknown is definitive, so die instead of ignore to avoid subsequent modules mess up the error code -auth [success=done new_authtok_reqd=done user_unknown=die default=ignore] pam_cockpit_cert.so auth required pam_sepermit.so auth substack password-auth auth include postlogin auth optional pam_ssh_add.so account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session optional pam_ssh_add.so session include password-auth session include postlogin Gianluca