This repository has been archived by the owner on May 2, 2024. It is now read-only.
Issue: Session open and close #362
Labels
bug
Something isn't working
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is there an existing issue for this?
Describe the issue
When user login on ubuntu 23.04 server, session opens and closes. I have tried on ubuntu desktop, and it works with the same config.
Steps to reproduce it
2023-10-05T08:24:17.473669+00:00 xxxxxx login[1388]: pam_unix(login:session): session opened for user johndoe@xxxxxx.onmicrosoft.com(uid=2952890016) by LOGIN(uid=0)
2023-10-05T08:24:17.541149+00:00 xxxxxx systemd-logind[792]: New session 8 of user johndoe@xxxxxx.onmicrosoft.com.
2023-10-05T08:24:17.570740+00:00 xxxxxx systemd: pam_unix(systemd-user:session): session opened for user johndoe@xxxxxx.onmicrosoft.com(uid=2952890016) by (uid=0)
2023-10-05T08:24:17.718291+00:00 xxxxxx login[1388]: pam_unix(login:session): session closed for user johndoe@xxxxxx.onmicrosoft.com
2023-10-05T08:24:17.720102+00:00 xxxxxx systemd-logind[792]: Session 8 logged out. Waiting for processes to exit.
2023-10-05T08:24:17.784276+00:00 xxxxxx systemd-logind[792]: Removed session 8.
Ubuntu users: System information and logs
Libnss
ProblemType: Bug
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
CasperMD5CheckResult: pass
Date: Thu Oct 5 08:28:09 2023
Dependencies:
aad-common 0.4
apt 2.6.0
apt-utils 2.6.0
base-passwd 3.6.1
ca-certificates 20230311ubuntu0.23.04.1
debconf 1.5.82
debconf-i18n 1.5.82
dpkg 1.21.21ubuntu1
gcc-13-base 13.1.0-2ubuntu2
23.0423.04gpgv 2.2.40-1.1ubuntu1
krb5-locales 1.20.1-1build1
libacl1 2.3.1-3
libapt-pkg6.0 2.6.0
libbz2-1.0 1.0.8-5build1
libc6 2.37-0ubuntu2.1
libcap2 1:2.66-3ubuntu2.1
libcom-err2 1.47.0-1ubuntu1
libcrypt1 1:4.4.33-2
libdb5.3 5.3.28+dfsg2-1
libdebconfclient0 0.267ubuntu1
libffi8 3.4.4-1
libgcc-s1 13.1.0-2ubuntu2
libgcrypt20 1.10.1-3ubuntu1
libgmp10 2:6.2.1+dfsg1-1.1ubuntu1
libgnutls30 3.7.8-5ubuntu1
libgpg-error-l10n 1.46-1
libgpg-error0 1.46-1
libgssapi-krb5-2 1.20.1-1build1
libhogweed6 3.8.1-2
libidn2-0 2.3.3-1build1
libk5crypto3 1.20.1-1build1
libkeyutils1 1.6.3-2
libkrb5-3 1.20.1-1build1
libkrb5support0 1.20.1-1build1
liblocale-gettext-perl 1.07-5
liblz4-1 1.9.4-1
liblzma5 5.4.1-0.2
libmd0 1.0.4-2
libnettle8 3.8.1-2
libnsl2 1.3.0-2build2
libnss-nis 3.1-0ubuntu6
libnss-nisplus 1.3-0ubuntu6
libp11-kit0 0.24.1-2ubuntu1
libpcre2-8-0 10.42-1
libseccomp2 2.5.4-1ubuntu3
libselinux1 3.4-1build4
libsqlite3-0 3.40.1-1
libssl3 3.0.8-1ubuntu1.2
libstdc++6 13.1.0-2ubuntu2~23.04
libsystemd0 252.5-2ubuntu3
libtasn1-6 4.19.0-2
libtext-charwidth-perl 0.04-11
libtext-iconv-perl 1.7-8
libtext-wrapi18n-perl 0.06-10
libtirpc-common 1.3.3+ds-1
libtirpc3 1.3.3+ds-1
libudev1 252.5-2ubuntu3
libunistring2 1.0-2
libxxhash0 0.8.1-1
libzstd1 1.5.4+dfsg2-4
openssl 3.0.8-1ubuntu1.2
perl-base 5.36.0-7ubuntu0.23.04.1
tar 1.34+dfsg-1.2ubuntu0.1
ubuntu-keyring 2021.03.26
zlib1g 1:1.2.13.dfsg-1ubuntu4
DistroRelease: Ubuntu 23.04
InstallationDate: Installed on 2023-10-04 (0 days ago)
InstallationMedia: Ubuntu-Server 23.04 "Lunar Lobster" - Release amd64 (20230415)
Package: libnss-aad 0.4
PackageArchitecture: amd64
ProcCpuinfoMinimal:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 165
model name : Intel(R) Core(TM) i5-10600K CPU @ 4.10GHz
stepping : 5
microcode : 0xec
cpu MHz : 4104.001
cache size : 12288 KB
physical id : 1
siblings : 2
core id : 1
cpu cores : 2
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 22
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc cpuid tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single ssbd ibrs ibpb stibp ibrs_enhanced fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 xsaves arat pku ospke md_clear flush_l1d arch_capabilities
bugs : spectre_v1 spectre_v2 spec_store_bypass swapgs itlb_multihit srbds mmio_stale_data retbleed eibrs_pbrsb gds
bogomips : 8208.00
clflush size : 64
cache_alignment : 64
address sizes : 45 bits physical, 48 bits virtual
power management:
ProcEnviron:
LANG=es_ES.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm
ProcVersionSignature: Ubuntu 6.2.0-34.34-generic 6.2.16
SourcePackage: aad-auth
Tags: lunar
Uname: Linux 6.2.0-34-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
_MarkForUpload: True
libpam
ProblemType: Bug
.etc.adduser.conf:
/etc/adduser.conf: `adduser' configuration.
See adduser(8) and adduser.conf(5) for full documentation.
A commented out setting indicates that this is the default in the
code. If you need to change those settings, remove the comment and
make your intended change.
The DSHELL variable specifies the default login shell on your
system.
Default: DSHELL=/bin/bash
#DSHELL=/bin/bash
The DHOME variable specifies the directory containing users' home
directories.
Default: DHOME=/home
#DHOME=/home
If GROUPHOMES is "yes", then the home directories will be created as
/home/groupname/user.
Default: GROUPHOMES=no
#GROUPHOMES=no
If LETTERHOMES is "yes", then the created home directories will have
an extra directory - the first letter of the user name. For example:
/home/u/user.
Default: LETTERHOMES=no
#LETTERHOMES=no
The SKEL variable specifies the directory containing "skeletal" user
files; in other words, files such as a sample .profile that will be
copied to the new user's home directory when it is created.
Default: SKEL=/etc/skel
#SKEL=/etc/skel
FIRST_SYSTEM_[GU]ID to LAST_SYSTEM_[GU]ID inclusive is the range for UIDs
for dynamically allocated administrative and system accounts/groups.
Please note that system software, such as the users allocated by the
base-passwd package, may assume that UIDs less than 100 are unallocated.
Default: FIRST_SYSTEM_UID=100, LAST_SYSTEM_UID=999
#FIRST_SYSTEM_UID=100
#LAST_SYSTEM_UID=999
Default: FIRST_SYSTEM_GID=100, LAST_SYSTEM_GID=999
#FIRST_SYSTEM_GID=100
#LAST_SYSTEM_GID=999
FIRST_[GU]ID to LAST_[GU]ID inclusive is the range of UIDs of dynamically
allocated user accounts/groups.
Default: FIRST_UID=1000, LAST_UID=59999
#FIRST_UID=1000
#LAST_UID=59999
Default: FIRST_GID=1000, LAST_GID=59999
#FIRST_GID=1000
#LAST_GID=59999
The USERGROUPS variable can be either "yes" or "no". If "yes" each
created user will be given their own group to use as a default. If
"no", each created user get the primary group defined below as
USERS_GROUP or USERS_GID.
Default: USERGROUPS=yes
#USERGROUPS=yes
Newly created users get this group as primary group if USERGROUPS
"no", and as a supplemental group if USERGROUPS is "yes".
Set one of the variables to reference the group. Don't set both.
Default: USERS_GID=undefined, USERS_GROUP=undefined
#USERS_GID=100
#USERS_GROUP=users
If DIR_MODE is set, directories will be created with the specified
mode. Otherwise the default mode 0750 will be used.
Default: DIR_MODE=0750
#DIR_MODE=0750
When creating system accounts: if SYS_DIR_MODE is set (and a home
location is specified), the directories will be created with the
specified mode. Otherwise the default mode 0750 will be used.
Default: SYS_DIR_MODE=0750
#SYS_DIR_MODE=0750
If SETGID_HOME is "yes" home directories for users with their own
group the setgid bit will be set. This was the default for
versions << 3.13 of adduser. Because it has some bad side effects we
no longer do this per default. If you want it nevertheless you can
still set it here. Note: this feature is DEPRECATED and will be
removed in a future version of adduser; please use the DIR_MODE
settings above instead.
Default: SETGID_HOME=no
#SETGID_HOME=no
If QUOTAUSER is set, a default quota will be set from that user with
`edquota -p QUOTAUSER newuser'
Default: QUOTAUSER=""
#QUOTAUSER=""
If SKEL_IGNORE_REGEX is set, adduser will ignore files matching this
regular expression when creating a new home directory
Default: SKEL_IGNORE_REGEX="(dpkg|ucf)-(old|new|dist|save)"
#SKEL_IGNORE_REGEX="(dpkg|ucf)-(old|new|dist|save)"
Set this if you want the --add-extra-groups option to adduser to add
new users to other groups.
This is the list of groups that new non-system users will be added to
Default: EXTRA_GROUPS="users"
#EXTRA_GROUPS="users"
If ADD_EXTRA_GROUPS is set to something non-zero, the EXTRA_GROUPS
option above will be default behavior for adding new, non-system users
Default: ADD_EXTRA_GROUPS=0
#ADD_EXTRA_GROUPS=0
check user and group names also against this regular expression.
Default: NAME_REGEX="^[a-z][-a-z0-9_]*$?$"
#NAME_REGEX="^[a-z][-a-z0-9_]*$?$"
check system user and group names also against this regular expression.
Default: SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*$?$"
#SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*$?$"
use extrausers by default
#USE_EXTRAUSERS=1
.etc.pam.d.common-auth:
/etc/pam.d/common-auth - authentication settings common to all services
This file is included from other service-specific PAM config files,
and should contain a list of the authentication modules that define
the central authentication scheme for use on the system
(e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
traditional Unix authentication mechanisms.
As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
To take advantage of this, it is recommended that you configure any
local modules either before or after the default block, and use
pam-auth-update to manage selection of other modules. See
pam-auth-update(8) for details.
here are the per-package modules (the "Primary" block)
auth [success=2 default=ignore] pam_unix.so nullok
auth [success=1 default=ignore] pam_aad.so
here's the fallback if no module succeeds
auth requisite pam_deny.so
prime the stack with a positive return value if there isn't one already;
this avoids us returning an error just because nothing sets a success code
since the modules above will each just jump around
auth required pam_permit.so
and here are more per-package modules (the "Additional" block)
auth optional pam_cap.so
end of pam-auth-update config
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
CasperMD5CheckResult: pass
Date: Thu Oct 5 08:28:06 2023
Dependencies:
aad-common 0.4
apt 2.6.0
apt-utils 2.6.0
base-passwd 3.6.1
ca-certificates 20230311ubuntu0.23.04.1
debconf 1.5.82
debconf-i18n 1.5.82
dpkg 1.21.21ubuntu1
gcc-13-base 13.1.0-2ubuntu2
23.0423.04gpgv 2.2.40-1.1ubuntu1
krb5-locales 1.20.1-1build1
libacl1 2.3.1-3
libapt-pkg6.0 2.6.0
libaudit-common 1:3.0.9-1
libaudit1 1:3.0.9-1
libbz2-1.0 1.0.8-5build1
libc6 2.37-0ubuntu2.1
libcap-ng0 0.8.3-1build2
libcap2 1:2.66-3ubuntu2.1
libcom-err2 1.47.0-1ubuntu1
libcrypt1 1:4.4.33-2
libdb5.3 5.3.28+dfsg2-1
libdebconfclient0 0.267ubuntu1
libffi8 3.4.4-1
libgcc-s1 13.1.0-2ubuntu2
libgcrypt20 1.10.1-3ubuntu1
libgmp10 2:6.2.1+dfsg1-1.1ubuntu1
libgnutls30 3.7.8-5ubuntu1
libgpg-error-l10n 1.46-1
libgpg-error0 1.46-1
libgssapi-krb5-2 1.20.1-1build1
libhogweed6 3.8.1-2
libidn2-0 2.3.3-1build1
libk5crypto3 1.20.1-1build1
libkeyutils1 1.6.3-2
libkrb5-3 1.20.1-1build1
libkrb5support0 1.20.1-1build1
liblocale-gettext-perl 1.07-5
liblz4-1 1.9.4-1
liblzma5 5.4.1-0.2
libmd0 1.0.4-2
libnettle8 3.8.1-2
libnsl2 1.3.0-2build2
libnss-nis 3.1-0ubuntu6
libnss-nisplus 1.3-0ubuntu6
libp11-kit0 0.24.1-2ubuntu1
libpam0g 1.5.2-5ubuntu1
libpcre2-8-0 10.42-1
libseccomp2 2.5.4-1ubuntu3
libselinux1 3.4-1build4
libssl3 3.0.8-1ubuntu1.2
libstdc++6 13.1.0-2ubuntu2~23.04
libsystemd0 252.5-2ubuntu3
libtasn1-6 4.19.0-2
libtext-charwidth-perl 0.04-11
libtext-iconv-perl 1.7-8
libtext-wrapi18n-perl 0.06-10
libtirpc-common 1.3.3+ds-1
libtirpc3 1.3.3+ds-1
libudev1 252.5-2ubuntu3
libunistring2 1.0-2
libxxhash0 0.8.1-1
libzstd1 1.5.4+dfsg2-4
openssl 3.0.8-1ubuntu1.2
perl-base 5.36.0-7ubuntu0.23.04.1
tar 1.34+dfsg-1.2ubuntu0.1
ubuntu-keyring 2021.03.26
zlib1g 1:1.2.13.dfsg-1ubuntu4
DistroRelease: Ubuntu 23.04
InstallationDate: Installed on 2023-10-04 (0 days ago)
InstallationMedia: Ubuntu-Server 23.04 "Lunar Lobster" - Release amd64 (20230415)
Package: libpam-aad 0.4 [modified: usr/share/pam-configs/aad]
PackageArchitecture: amd64
ProcCpuinfoMinimal:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 165
model name : Intel(R) Core(TM) i5-10600K CPU @ 4.10GHz
stepping : 5
microcode : 0xec
cpu MHz : 4104.001
cache size : 12288 KB
physical id : 1
siblings : 2
core id : 1
cpu cores : 2
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 22
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon nopl xtopology tsc_reliable nonstop_tsc cpuid tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single ssbd ibrs ibpb stibp ibrs_enhanced fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap clflushopt xsaveopt xsavec xgetbv1 xsaves arat pku ospke md_clear flush_l1d arch_capabilities
bugs : spectre_v1 spectre_v2 spec_store_bypass swapgs itlb_multihit srbds mmio_stale_data retbleed eibrs_pbrsb gds
bogomips : 8208.00
clflush size : 64
cache_alignment : 64
address sizes : 45 bits physical, 48 bits virtual
power management:
ProcEnviron:
LANG=es_ES.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm
ProcVersionSignature: Ubuntu 6.2.0-34.34-generic 6.2.16
RelatedPackageVersions:
libpam-runtime 1.5.2-5ubuntu1
libpam0g 1.5.2-5ubuntu1
SourcePackage: aad-auth
Tags: lunar
Uname: Linux 6.2.0-34-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
_MarkForUpload: True
Non Ubuntu users: System information and logs
Environment
aad-cli version/etc/os-release)/etc/os-release):Log files
Please redact/remove sensitive information:
Application settings
Please redact/remove sensitive information:
Relevant information
No response
Double check your logs
The text was updated successfully, but these errors were encountered: