ubuntu / aad-auth

Azure AD authentication module for Ubuntu
GNU Lesser General Public License v3.0

Issue: Session open and close #362

Open Mellllbar1332 opened 11 months ago

Mellllbar1332 commented 11 months ago

Is there an existing issue for this?

Describe the issue

When a user logs in on Ubuntu 23.04 Server, the session opens and closes. I have tried on Ubuntu Desktop, and it works with the same config.

Steps to reproduce it

```
2023-10-05T08:24:17.473669+00:00 xxxxxx login[1388]: pam_unix(login:session): session opened for user johndoe@xxxxxx.onmicrosoft.com(uid=2952890016) by LOGIN(uid=0)
2023-10-05T08:24:17.541149+00:00 xxxxxx systemd-logind[792]: New session 8 of user johndoe@xxxxxx.onmicrosoft.com.
2023-10-05T08:24:17.570740+00:00 xxxxxx systemd: pam_unix(systemd-user:session): session opened for user johndoe@xxxxxx.onmicrosoft.com(uid=2952890016) by (uid=0)
2023-10-05T08:24:17.718291+00:00 xxxxxx login[1388]: pam_unix(login:session): session closed for user johndoe@xxxxxx.onmicrosoft.com
2023-10-05T08:24:17.720102+00:00 xxxxxx systemd-logind[792]: Session 8 logged out. Waiting for processes to exit.
2023-10-05T08:24:17.784276+00:00 xxxxxx systemd-logind[792]: Removed session 8.
```

Ubuntu users: System information and logs

Libnss

```
ProblemType: Bug
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
CasperMD5CheckResult: pass
Date: Thu Oct 5 08:28:09 2023
DistroRelease: Ubuntu 23.04
InstallationDate: Installed on 2023-10-04 (0 days ago)
InstallationMedia: Ubuntu-Server 23.04 "Lunar Lobster" - Release amd64 (20230415)
Package: libnss-aad 0.4
PackageArchitecture: amd64
ProcEnviron: LANG=es_ES.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm
ProcVersionSignature: Ubuntu 6.2.0-34.34-generic 6.2.16
SourcePackage: aad-auth
Tags: lunar
Uname: Linux 6.2.0-34-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
_MarkForUpload: True
```

libpam

ProblemType: Bug

.etc.adduser.conf:

```
# /etc/adduser.conf: `adduser' configuration.
# See adduser(8) and adduser.conf(5) for full documentation.

# A commented out setting indicates that this is the default in the
# code. If you need to change those settings, remove the comment and
# make your intended change.

# The DSHELL variable specifies the default login shell on your
# system.
# Default: DSHELL=/bin/bash
DSHELL=/bin/bash

# The DHOME variable specifies the directory containing users' home
# directories.
# Default: DHOME=/home
DHOME=/home

# If GROUPHOMES is "yes", then the home directories will be created as
# /home/groupname/user.
# Default: GROUPHOMES=no
GROUPHOMES=no

# If LETTERHOMES is "yes", then the created home directories will have
# an extra directory - the first letter of the user name. For example:
# /home/u/user.
# Default: LETTERHOMES=no
LETTERHOMES=no

# The SKEL variable specifies the directory containing "skeletal" user
# files; in other words, files such as a sample .profile that will be
# copied to the new user's home directory when it is created.
# Default: SKEL=/etc/skel
SKEL=/etc/skel

# FIRSTSYSTEM[GU]ID to LASTSYSTEM[GU]ID inclusive is the range for UIDs
# for dynamically allocated administrative and system accounts/groups.
# Please note that system software, such as the users allocated by the
# base-passwd package, may assume that UIDs less than 100 are unallocated.
# Default: FIRST_SYSTEM_UID=100, LAST_SYSTEM_UID=999
FIRST_SYSTEM_UID=100
LAST_SYSTEM_UID=999
# Default: FIRST_SYSTEM_GID=100, LAST_SYSTEM_GID=999
FIRST_SYSTEM_GID=100
LAST_SYSTEM_GID=999

# FIRST[GU]ID to LAST[GU]ID inclusive is the range of UIDs of dynamically
# allocated user accounts/groups.
# Default: FIRST_UID=1000, LAST_UID=59999
FIRST_UID=1000
LAST_UID=59999
# Default: FIRST_GID=1000, LAST_GID=59999
FIRST_GID=1000
LAST_GID=59999

# The USERGROUPS variable can be either "yes" or "no". If "yes" each
# created user will be given their own group to use as a default. If
# "no", each created user get the primary group defined below as
# USERS_GROUP or USERS_GID.
# Default: USERGROUPS=yes
USERGROUPS=yes

# Newly created users get this group as primary group if USERGROUPS
# "no", and as a supplemental group if USERGROUPS is "yes".
# Set one of the variables to reference the group. Don't set both.
# Default: USERS_GID=undefined, USERS_GROUP=undefined
USERS_GID=100
USERS_GROUP=users

# If DIR_MODE is set, directories will be created with the specified
# mode. Otherwise the default mode 0750 will be used.
# Default: DIR_MODE=0750
DIR_MODE=0750

# When creating system accounts: if SYS_DIR_MODE is set (and a home
# location is specified), the directories will be created with the
# specified mode. Otherwise the default mode 0750 will be used.
# Default: SYS_DIR_MODE=0750
SYS_DIR_MODE=0750

# If SETGID_HOME is "yes" home directories for users with their own
# group the setgid bit will be set. This was the default for
# versions << 3.13 of adduser. Because it has some bad side effects we
# no longer do this per default. If you want it nevertheless you can
# still set it here. Note: this feature is DEPRECATED and will be
# removed in a future version of adduser; please use the DIR_MODE
# settings above instead.
# Default: SETGID_HOME=no
SETGID_HOME=no

# If QUOTAUSER is set, a default quota will be set from that user with
# `edquota -p QUOTAUSER newuser'
# Default: QUOTAUSER=""
QUOTAUSER=""

# If SKEL_IGNORE_REGEX is set, adduser will ignore files matching this
# regular expression when creating a new home directory
# Default: SKEL_IGNORE_REGEX="(dpkg|ucf)-(old|new|dist|save)"
SKEL_IGNORE_REGEX="(dpkg|ucf)-(old|new|dist|save)"

# Set this if you want the --add-extra-groups option to adduser to add
# new users to other groups.
# This is the list of groups that new non-system users will be added to
# Default: EXTRA_GROUPS="users"
EXTRA_GROUPS="users"

# If ADD_EXTRA_GROUPS is set to something non-zero, the EXTRA_GROUPS
# option above will be default behavior for adding new, non-system users
# Default: ADD_EXTRA_GROUPS=0
ADD_EXTRA_GROUPS=0

# check user and group names also against this regular expression.
# Default: NAMEREGEX="^[a-z][-a-z0-9]*\$?$"
NAMEREGEX="^[a-z][-a-z0-9]*\$?$"

# check system user and group names also against this regular expression.
# Default: SYS_NAMEREGEX="^[A-Za-z][-A-Za-z0-9_]*\$?$"
SYS_NAMEREGEX="^[A-Za-z][-A-Za-z0-9_]*\$?$"

# use extrausers by default
USE_EXTRAUSERS=1
```

.etc.pam.d.common-auth:

```
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)
auth [success=2 default=ignore] pam_unix.so nullok
auth [success=1 default=ignore] pam_aad.so
# here's the fallback if no module succeeds
auth requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
auth required pam_permit.so
# and here are more per-package modules (the "Additional" block)
auth optional pam_cap.so
# end of pam-auth-update config
```

```
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
CasperMD5CheckResult: pass
Date: Thu Oct 5 08:28:06 2023
DistroRelease: Ubuntu 23.04
InstallationDate: Installed on 2023-10-04 (0 days ago)
InstallationMedia: Ubuntu-Server 23.04 "Lunar Lobster" - Release amd64 (20230415)
Package: libpam-aad 0.4 [modified: usr/share/pam-configs/aad]
PackageArchitecture: amd64
ProcEnviron: LANG=es_ES.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm
ProcVersionSignature: Ubuntu 6.2.0-34.34-generic 6.2.16
RelatedPackageVersions: libpam-runtime 1.5.2-5ubuntu1 libpam0g 1.5.2-5ubuntu1
SourcePackage: aad-auth
Tags: lunar
Uname: Linux 6.2.0-34-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
_MarkForUpload: True
```

Non Ubuntu users: System information and logs

Environment

Log files

Please redact/remove sensitive information:

aad-auth logs can be found in the system journal and queried with:
`journalctl | grep _aad`

Application settings

Please redact/remove sensitive information:

You can get the configuration file from /etc/aad.conf

Relevant information

No response

Double check your logs
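
A triage aid for the symptom reported above, added here as an example and not part of the original issue or of aad-auth: it pairs the `pam_unix` "session opened" and "session closed" records from the log in this report and lists sessions that ended within a threshold. The function name `short_sessions` and the one-second default are assumptions; the sample lines are the ones quoted in the issue.

```python
import re
from datetime import datetime

# Log lines as quoted in the issue above (host and tenant were already redacted there).
SAMPLE = """\
2023-10-05T08:24:17.473669+00:00 xxxxxx login[1388]: pam_unix(login:session): session opened for user johndoe@xxxxxx.onmicrosoft.com(uid=2952890016) by LOGIN(uid=0)
2023-10-05T08:24:17.541149+00:00 xxxxxx systemd-logind[792]: New session 8 of user johndoe@xxxxxx.onmicrosoft.com.
2023-10-05T08:24:17.570740+00:00 xxxxxx systemd: pam_unix(systemd-user:session): session opened for user johndoe@xxxxxx.onmicrosoft.com(uid=2952890016) by (uid=0)
2023-10-05T08:24:17.718291+00:00 xxxxxx login[1388]: pam_unix(login:session): session closed for user johndoe@xxxxxx.onmicrosoft.com
2023-10-05T08:24:17.720102+00:00 xxxxxx systemd-logind[792]: Session 8 logged out. Waiting for processes to exit.
2023-10-05T08:24:17.784276+00:00 xxxxxx systemd-logind[792]: Removed session 8.
"""

# timestamp, host, process[pid], PAM service, opened/closed, user name
EVENT = re.compile(
    r"^(?P<ts>\S+) \S+ (?P<proc>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: "
    r"pam_unix\((?P<svc>[^:)]+):session\): session (?P<what>opened|closed) "
    r"for user (?P<user>[^\s(]+)"
)

def short_sessions(text, threshold=1.0):
    """Return (user, service, pid, seconds) for sessions closed within threshold."""
    opened, hits = {}, []
    for line in text.splitlines():
        m = EVENT.match(line)
        if not m:
            continue  # not a pam_unix session record
        ts = datetime.fromisoformat(m["ts"])
        # The same process (PID) that opened the PAM session also closes it.
        key = (m["user"], m["svc"], m["pid"])
        if m["what"] == "opened":
            opened[key] = ts
        elif key in opened:
            secs = (ts - opened.pop(key)).total_seconds()
            if secs <= threshold:
                hits.append((*key, round(secs, 6)))
    return hits

if __name__ == "__main__":
    for user, svc, pid, secs in short_sessions(SAMPLE):
        print(f"{user}: {svc} session (pid {pid}) closed after {secs:.3f}s")
```

On the log from this report it flags the `login` session, which closes about a quarter of a second after it opens; the `systemd-user` session has no matching close record in the excerpt and is not reported.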