Solved FreeBSD 13.1 - Lightdm 1.32 user autologin

Hello.
I am using FreeBSD 13.1 with mate and Lightdm 1.32 as Display Manager.

I can't get the user to automatically login without having to enter the password.

In the file /usr/local/etc/lightdm/lightdm.conf I have the proper instructions, or so I think:
Code:
[Seat:*]
type=local
pam-service=lightdm
pam-autologin-service=lightdm-autologin
pam-greeter-service=lightdm-greeter
(.........)
autologin-user=edurios
autologin-user-timeout=0
#autologin-in-background=false
#autologin-session=
#exit-on-failure=false
I don't know if it has something to do with it, but in /var/log/messages I see entries like this:
Code:
lightdm[1563]: in openpam_load_module(): no pam_succeed_if.so found
It fails me since the lightdm package was updated to version 1.32.0. With the previous version it worked fine.

Thanks.
 

Attachments

  • lightdm.conf
    6.5 KB · Views: 76
What's in /etc/pam.d/system? Is there a /etc/pam.d/lightdm (or something similarly named)? I'm betting you've used a Linux PAM configuration for /etc/pam.d/lightdm. There is no pam_succeed_if.so on FreeBSD.
 
There is most likely a /usr/local/etc/pam.d/lightdm or similar. If that was installed by the port and cotains pam_succeed_if.so, that's actually a bug.

From what I've seen so far, this module is often used to check e.g. for invalid shells. If that's the case here, you can most likely just comment it out.
 
There is most likely a /usr/local/etc/pam.d/lightdm or similar. If that was installed by the port and cotains pam_succeed_if.so, that's actually a bug.
pkg-plist seems to have it. So it looks like it came from the port/package.


There are a couple of patch files that deal with the PAM files:

None of them seem to do anything with pam_succeed_if.so though.
 
What's in /etc/pam.d/system? Is there a /etc/pam.d/lightdm (or something similarly named)? I'm betting you've used a Linux PAM configuration for /etc/pam.d/lightdm. There is no pam_succeed_if.so on FreeBSD.

In /etc/pam.d/system
Code:
# System-wide defaults
# 
 
# auth
auth            sufficient      pam_opie.so             no_warn no_fake_prompts
auth            requisite       pam_opieaccess.so       no_warn allow_local
#auth           sufficient      pam_krb5.so             no_warn try_first_pass
#auth           sufficient      pam_ssh.so              no_warn try_first_pass
auth            required        pam_unix.so             no_warn try_first_pass nullok

# account
#account        required        pam_krb5.so
account         required        pam_login_access.so
account         required        pam_unix.so

# session
#session        optional        pam_ssh.so              want_agent
session         required        pam_lastlog.so          no_fail

# password
#password       sufficient      pam_krb5.so             no_warn try_first_pass
password        required        pam_unix.so             no_warn try_first_pass
In /usr/local/etc/pam.d/lightdm
Code:
# PAM configuration for the "lightdm" service
#

# auth
auth            sufficient      pam_self.so             no_warn
auth            include         system

# account
account         requisite       pam_securetty.so
account         required        pam_nologin.so
account         include         system

# session
session         include         system

# password
password        include         system

Thank you
 
According to the pkg-plist, there's /usr/local/etc/pam.d/lightdm-autologin. That's most likely what you should check.
 
According to the pkg-plist, there's /usr/local/etc/pam.d/lightdm-autologin. That's most likely what you should check.

In /usr/local/etc/pam.d/lightdm-autologin
Code:
#%PAM-1.0
# Block login if shell in nologin or false
auth      required pam_succeed_if.so shell notin /sbin/nologin:/usr/sbin/nologin

# Block login if they are globally disabled
account      required pam_nologin.so

# Load environment from /etc/environment and ~/.pam_environment
#auth      required pam_env.so

# Allow access without authentication
auth      required pam_permit.so

# Stop autologin if account requires action
account   required pam_unix.so        no_warn try_first_pass

# Can't change password
password  required pam_deny.so

# Setup session
session   required pam_permit.so

Thank you
 
SOLVED!!

Commentting with # the line:

Code:
auth      required pam_succeed_if.so shell notin /sbin/nologin:/usr/sbin/nologin

In /usr/local/etc/pam.d/lightdm-autologin

Thank you very much for your help.
 
Back
Top