|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
[login fails] why setting user out of 'wheel' group blocks GUI login?
Hello everyone,
trying to follow some of the suggestions for OpenBSD hardening at the link: https://dataswamp.org/~solene/2023-1...ast_privileges Initially, I took the current user off of the 'wheel' group, so that the user has no su -, nor doas abilities, but then - after rebooting - an unexpected situation: it's impossible to login through the GUI using the usual 'username'/'password' because the system prompts: Login incorrect or forbidden. It's possible to login ONLY through the CLI - by accessing the terminal via ctrl+alt+F1...F8, in which case the 'username'/'password' get accepted without any issue. How to regain access through the GUI/standard desktop environment? i.e., What to perform in the CLI in order to overcome the now missing 'wheel' group for the user? Thank you in advance, BR |
|
|||
A wild guess, try adding your user to group "_x11". I think that is the group xenodm runs under.
__________________
[t]csh(1) - "An elegant shell, for a more... civilized age." - Paraphrasing Star Wars (tvtropes.org) |
|
|||
Hello, so:
Quote:
$ cat /etc/group nevertheless, still I can't login with the usual 'username/password' in GUI prompt. Quote:
1. $HOME/.xsession-errors –> does not report any error 2. /var/log/xenodm.log -> outputs the following (head part with configs omitted): Quote:
Any clue? BR |
|
|||
Quote:
I doubt I can help further, but for others can you supply the Window Manager you are trying to use ? Also can you test with twm(1) to see what happens ? Good Luck
__________________
[t]csh(1) - "An elegant shell, for a more... civilized age." - Paraphrasing Star Wars (tvtropes.org) |
|
|||
Hello and thank you for your suggestions:
dealing with:The window manager enabled on the OS here is cwm but I don't know how to switch to twm to test it. Quote:
Recap: 1. the first thing I tried was to put back the current user into the wheel group. Outcome: still, cannot log in to desktop environment GUI. 2. could it be that the X11 misconfiguration problem was generated by the fact that I previously swapped the Caps Lock with the ESC key in the wsconsctl https://man.openbsd.org/wsconsctl.8 config? (I wrote a previous post here on Daemonforums: https://daemonforums.org/showthread.php?t=12515), and I changed the password to lowercase (so to avoid the use of Caps Lock when logging in) 3. I verified the .xsession script and it's very simple/minimalistic, if needed I can post it here 4. I checked the .xsession-errors file and it reports the following: Quote:
BR Last edited by Nixota; 12th January 2024 at 08:19 AM. |
|
|||
Quote:
2. sure, I'm running vs. 7.4 PS. though I created a copy - with $ cp -p .Xdefaults .Xresources of the .Xdefaults file, tried to set the .Xresources file available to the xrdb with $ xrdb ~/.Xresources - which, b.t.w. outputs the error: Quote:
Still cannot log into the desktop environment. BR |
|
||||
Quote:
This will upload the file to a pastebin site and return a URL that can be shared here: Code:
curl -F 'file=@-' 0x0.st < /var/log/Xorg.0.log |
|
|||
[SOLVED] reason for disabled login: swapping Caps Lock with ESC
dear All,
first: thank you for your precious support! As I previously guessed, I found the reason I couldn't log in via the desktop environment prompt: that was due because I previously swapped the 'Caps Lock' with the 'ESC' keys, i.e., in the /etc/wsconsctl.conf file I made the following setting: # swap Caps Lock with Esc key keyboard.map+="keysym Caps_Lock = Escape" That config messed up the login process. Just commented out that line and everything is back to normal. BR |
|
|||
Typical case of PEBKAC (Problem Exists Between Keyboard And Chair)
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
||||
Quote:
Arranging keys is quite important to my use of any OS since I need to enter a lot of accents so if OpenBSD doesn't support changing keys in wscons it sounds really bad. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Login user without shell and run a script then logout | SimpL | OpenBSD Security | 7 | 10th March 2021 11:34 AM |
How to add a user/group for a daemon | hanzer | OpenBSD General | 3 | 10th April 2016 02:58 AM |
wheel group missing in group file | nikolajg | FreeBSD Security | 6 | 5th October 2012 06:18 PM |
Running a command as a different user w/o starting the login shell | Carpetsmoker | General software and network | 4 | 1st July 2011 10:33 PM |
Canadian BSD user group.. | BSDfan666 | Off-Topic | 5 | 11th January 2009 03:37 PM |