[BALUG-Talk] Lubuntu 14.04 guest session login failure

Elizabeth K. Joseph lyz at princessleia.com
Sat Jul 8 20:10:12 PDT 2017


On Mon, Apr 3, 2017 at 11:20 PM, Christian Einfeldt <einfeldt at gmail.com> wrote:
> Hi,
>
> I am experiencing a very strange thing for which there are no ready answers
> by googling.  I am a volunteer for a non-profit which puts GNU-Linux
> computers in low income shelters.  They are stand-alone machines connected
> directly to the Internet via a hub on a dedicated ethernet cable.
>
> The shelters don't want the users to be able to store anything directly to
> the machine's hard drive.  To give them that functionality, we ask them to
> use the guest session, which wipes out all data by default when the session
> ends.
>
> Right now, however, we are experiencing a failure of logging into the guest
> session.  Normally, you just choose the guest session in the Lubuntu login
> screen, and hit enter, and it boots up a full guest session.  No password is
> required.
>
> Now, when I chose the guest session and hit enter, the system appears to
> head toward a normal login, but then quickly fails and returns to the login
> screen.
>
> The system's SU admin account is performing normally.  To get into the admin
> account, I just choose it in the login screen, enter the password, and the
> admin session boots up normally.
>
> This whole thing is very strange, and I have never seen anything like it
> before.  We are using 14.04 on 13 machines with identical or similar
> hardware and are not having any such problems.  This email is being written
> on one of those such machines, and the guest session works just fine.
>
> I ran updates on the malfunctioning machines, rebooted, no joy.
>
> Thanks very much in advance.

In case anyone was curious as to what happened with this, I finally
had some time to sit down on site this evening and do some debugging.

Some background as to how the guest logins work in Lubuntu: A
guest-XXXXX (random characters) user is created upon login, which is
used throughout the session. It is then deleted when the user logs
out.

After some red herrings in the auth logs (mostly PAM errors around KDE
and Gnome keyrings), I did some digging in the lightdm logs.
Eventually I noticed the UID of the guest account trying to be created
was the same every time a login attempt was made: 999. Odd. So I
looked in /etc/passwd and noticed that there were hundreds of
guest-XXXXX accounts. That's no good!

Turns out, at some point the /etc/subgid.lock file got stuck in an
existing state (wasn't deleted when the lock concluded), which meant
the command to delete the user was not completing successfully upon
logout. Users were piling up and never being deleted. Once the UIDs
hit 999 it was failing to create new guest users, so the login would
fail. I quick mv (rm didn't work) of the subgid.lock file and a script
to delete all the guest accounts got us going again.

I'm considering my options to get us out of this reoccurring issue in
the future. I'm thinking of just a cron job on each machine that
checks for a subgid.lock file sticking around for more than a couple
days and moving it out of the way, but I'll sleep on it. More clever
suggestions welcome ;)

-- 
Elizabeth Krumbach Joseph || Lyz || pleia2


More information about the BALUG-Talk mailing list