How to enable Authselect

Continuing the discussion from No login screen after upgrade to f43 (Solved: authselect was never set up on a system upgraded through many versions):

Hi @amunir.

I’ve started a new thread since the one you replied to is quite old.

Are you sure Authselect isn’t already enabled?

What is the output of authselect current?

Before you (forcibly) switch to Authselect, you might want to check your customizations under /etc/pam.d. A command like the following might work to see if you have any customizations that would be overwritten.

sudo bash -c '(for f in /etc/pam.d/*; do rpm -qf "$f" | grep -v " "; done) | sort | uniq | xargs -r rpm -V'

If that command doesn’t list any files, then you are probably fine to run sudo authselect select local to enable authselect.^[1]

1. If you use SSSD, replace local with sssd. ↩︎

sudo bash -c ‘(for f in /etc/pam.d/*; do rpm -qf “$f” | grep -v " "; done) | sort | uniq | xargs -r rpm -V’
…T. c /etc/gdm/custom.conf
.M… g /run/gdm
.M… g /var/lib/gdm
.M…G.. g /var/log/gdm
.M…UG.. g /run/lightdm
S.5…T. c /etc/ssh/sshd_config

Ah, sorry, I tested that command on a Sway system and it was much less noisy. I’m a little surprised that all those temp files are showing up with a GNOME system, but they are not important. Since there are no customized files under /etc/pam.d that are showing up, I think you are safe to run sudo authselect select local.^[1] Assuming that the problem really is that Authselect is not currently enabled, that should resolve your issue.

1. If there were customizations, then you would have wanted to build a custom Authselect profile first. ↩︎

I ran this sudo authselect select sssd and it set that up. I will test it tomorrow when I am back in office. SSH works fine but could not login on desktop monitor. Thanks

Still not log me in from desk top. Here is logs from /var/log/secure

Apr 17 09:14:14 middlewareadmin gdm-password][2772]: gkr-pam: unable to locate daemon control file
Apr 17 09:14:14 middlewareadmin gdm-password][2772]: gkr-pam: stashed password to try later in open session
Apr 17 09:14:14 middlewareadmin gdm-password][2772]: pam_unix(gdm-password:session): session opened for user amunir(uid=1000) by amunir(uid=0)
Apr 17 09:14:14 middlewareadmin gdm-password][2772]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
Apr 17 09:14:18 middlewareadmin gdm-password][2772]: pam_unix(gdm-password:session): session closed for user amunir

same log from my ssh sesion a min ago:

Apr 17 09:12:59 middlewareadmin sshd-session[1263]: Accepted password for amunir from 152.7.148.57 port 50753 ssh2
Apr 17 09:13:00 middlewareadmin (systemd)[1453]: pam_unix(systemd-user:session): session opened for user amunir(uid=1000) by amunir(uid=0)
Apr 17 09:13:00 middlewareadmin sshd-session[1263]: pam_unix(sshd:session): session opened for user amunir(uid=1000) by amunir(uid=0)
Apr 17 09:13:42 middlewareadmin sudo[2749]: amunir : TTY=pts/0 ; PWD=/var/log ; USER=root ; COMMAND=/usr/bin/tail -1000f secure
Apr 17 09:13:42 middlewareadmin sudo[2749]: pam_unix(sudo:session): session opened for user root(uid=0) by amunir(uid=1000)

According to the log you shared, it signed you in and then you signed out. Maybe there is something wrong with the GDM configuration? Your earlier post indicated that you have modified /etc/gdm/custom.conf.

Yes, I did comment out the line WaylandEnable=false to see log in page. uncomment is gave me black screen. no login page coming up.

X11 support has been completely removed.

Are you trying to start a X11-based desktop environment? I haven’t used GDM in a while, but I think there is a drop-down menu somewhere that will let you switch which desktop environment you are trying to sign into (GNOME classic, etc.).

I just want my desktop monitor work back as used to be.

I’m sure it can be fixed, but it is difficult to say what needs to be done without more information. Do you see GDM (i.e. the login screen) and then it turns black after you try to sign in, or do you never even see GDM? If you never see GDM, it might be a problem with the video driver and you might be able to get things working again by selecting your previous Linux kernel when booting your system.

Yes, I see my login screen comes up when I put my passwd to log in, it just stay there. after a min or so turn back to login screen.

You might try reinstalling the “workstation-product-environment”.

sudo dnf install @workstation-product-environment

amunir@middlewareadmin dconf]$ sudo dnf reinstall @workstation-product-environment
Updating and loading repositories:
Repositories loaded.
Failed to resolve the transaction:
Reinstall action for argument “workstation-product-environment” is not supported.

Ah, sorry, “reinstall” isn’t an option for the environments. Try just “install” then.

yes install worked. it is runnng now.

You might also try removing that /etc/gdm/custom.conf file.

Install completed and romved /etc/gdm/custom.conf, still no luck still same. I can ssh to my desktop from my laptop but login to desktop stll not working.

Apr 17 10:23:36 middlewareadmin gdm-password][2798]: gkr-pam: unable to locate daemon control file
Apr 17 10:23:36 middlewareadmin gdm-password][2798]: gkr-pam: stashed password to try later in open session
Apr 17 10:23:36 middlewareadmin gdm-password][2798]: pam_unix(gdm-password:session): session opened for user amunir(uid=1000) by amunir(uid=0)
Apr 17 10:23:36 middlewareadmin gdm-password][2798]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
Apr 17 10:23:40 middlewareadmin gdm-password][2798]: pam_unix(gdm-password:session): session closed for user amunir

You might try restarting your PC and selecting the previous Linux kernel from the boot menu. I think you will have to hold the Shift key very early when booting to get the boot menu to show.

Also, does sudo journalctl --since=today -g gnome show any interesting error messages? If that shows too much info, you could add -p err (i.e. sudo journalctl -g gnome -p err)