error message when login is refused due to missing entry in /etc/shells

[dulhaver]

this is related to #535

My system:

Manjaro Linux
xfce4
lightdm

I just had a situation (documented here) where a missing /usr/bin/bash entry in /etc/shells/ prevented me from login in as a regular user. Only /bin/bash was listed.

That is absolutely fine thus far but the error message I got was something like "Your Password is incorrect ...".
This did not help finding the actual problem. And is not correct.

So I would suggest (unfortunately without having the capabilities to produce a PR) to return a more meaningful error like "Sorry, your login$SHELL is not listed in /etc/shells, which prevents you from logging in."

[rahilarious]

I faced the same, spend a whole day troubleshooting. I encourage someone to fix this

[hallyn]

Can you explain exactly how you were logging in? When I try this on my laptop, I don't see any "password incorrect" messages. If I simply, as root, do 'login test1', I get

Cannot execute /usr/usr/bin/bash: No such file or directory

su - test1 gives me:

su: failed to execute /usr/usr/bin/bash: No such file or directory

[rahilarious]

Can you explain exactly how you were logging in? When I try this on my laptop, I don't see any "password incorrect" messages. If I simply, as root, do 'login test1', I get

Cannot execute /usr/usr/bin/bash: No such file or directory

su - test1 gives me:

su: failed to execute /usr/usr/bin/bash: No such file or directory

Steps to reproduce: (in arch, gentoo at least)

1. Add user with default shell /usr/bin/bash
2. Try to login
3. scratch head wondering why aren't you able to login even with correct password
4. Figure it's because /etc/shells only has /bin/bash but not /usr/bin/bash in default config so pam_shells wont allow to login
5. Add /usr/bin/bash to /etc/shells and see it being fixed. Feel like 200IQ rocket scientist

[hallyn]

I'm asking for specifics about "try to login". On text console (getty)?

[hallyn]

For instance, on ubuntu lunar container I get:

lunar login: ubuntu
Password:
Welcome to Ubuntu 23.04 (GNU/Linux 6.5.6-zabbly+ x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

Cannot execute /bin/bin/bash: No such file or directory

Ubuntu 23.04 lunar tty1

lunar login:

[hallyn]

On funtoo, /etc/pam.d/system-login specifies pam_shells.so. With that enabled, I get

funtoo login: serge
Password:

Login incorrect

When I comment that out, I get

funtoo login: serge
Password:
Last login: Tue Oct 10 18:05:07 -00 2023 on tty1

 >>> Release:                       stage3-generic_64-1.4-release-std-2023-07-13
 >>> Version:                       2023-07-13
 >>> Created by:                    Daniel Robbins <drobbins@funtoo.org>

 >>> Send suggestions, improvements, bug reports relating to...

 >>> Funtoo Linux:        Funtoo Linux (http://www.funtoo.org)

 NOTE: This message can be removed by deleting /etc/motd.

Cannot execute /bin/bin/bash: No such file or directory


This is funtoo.unknown_domain (Linux x86_64 6.5.6-zabbly+) 18:07:02

funtoo login:

So please do check your pam configuration.

[stoeckmann]

Steps to reproduce: (in arch, gentoo at least)

Watch out. Arch Linux uses login from util-linux while Gentoo uses login from shadow. This could add to the confusion here.

The easiest way to see which one you have is running login -H on a command line.

If it's util-linux then it goes right into its two second cool down mode and you get straight back to your terminal:

$ login -H
$

If it's shadow then you get login: invalid option -- 'H'

$ login -H
login: invalid option -- 'H'
Usage: login [-p] [name]
       login [-p] [-h host] [-f name]