【linux】登录root账户时报错Sorry, that didn‘t work. Please try again.抱歉,这不管用,请再试一次

一、问题背景

登录其他普通账户的GUI桌面,发现都很正常,但是登录管理员账户root的桌面,重启之后一段时间正常,过一段时间就会出现登录报错Sorry, that didn’t work. Please try again.

【linux】登录root账户时报错Sorry, that didn‘t work. Please try again.抱歉,这不管用,请再试一次_第1张图片

二、解决办法——配置文件的解析

下面给出两个PAM(Pluggable Authentication Modules)配置文件的示例。

PAM配置文件通常位于/etc/pam.d/目录下,文件名通常与相关的服务或程序名相对应。PAM是Linux和其他UNIX系统中用于控制认证、授权、密码管理和会话管理的一种模块化框架。

gdm-autologin配置文件

#%PAM-1.0
auth    requisite       pam_nologin.so
#auth   required        pam_succeed_if.so user != root quiet_success
auth    optional        pam_gdm.so
auth    optional        pam_gnome_keyring.so
auth    required        pam_permit.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any 
# lingering context has been cleared. Without this it is possible 
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
session required        pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open
session optional        pam_keyinit.so force revoke
session required        pam_limits.so
session required        pam_env.so readenv=1
session required        pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional        pam_gnome_keyring.so auto_start
@include common-password

【linux】登录root账户时报错Sorry, that didn‘t work. Please try again.抱歉,这不管用,请再试一次_第2张图片
上面的第三行auth required pam_succeed_if.so user != root quiet_success,是你需要注释的代码。

auth required是用来给账户授权使用GUI界面的命令,它的参数有真和假两种。

pam_succeed_if.so模块是用来做判断的,user != root quiet_success是这个判断模块的参数,如果这个参数逻辑为真,传递给命令auth required也就是授权登录,也就是说这个配置文件默认是不允许非root用户进入GUI界面的。

quiet_success参数表示在成功的情况下不记录任何信息。

gdm-password配置文件

#%PAM-1.0
auth    requisite       pam_nologin.so
auth   required        pam_succeed_if.so user != root quiet_success
@include common-auth
auth    optional        pam_gnome_keyring.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any 
# lingering context has been cleared. Without this it is possible 
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
session required        pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
# pam_selinux.so changes the SELinux context of the used TTY and configures
# SELinux in order to transition to the user context with the next execve()
# call.
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open
session optional        pam_keyinit.so force revoke
session required        pam_limits.so
session required        pam_env.so readenv=1
session required        pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional        pam_gnome_keyring.so auto_start
@include common-password

这个配置文件中,同样也需要注释那一行代码,作用几乎相同,不过下面那个掌管的是密码,上面掌管的是登录。

三、致新手——注释掉某一行的操作方法

如果您跟我一样是新手,那么您需要按照以下步骤快速操作vim编辑器来注释掉上面的两行代码。

首先当您执行sudo vi /etc/pam.d/gdm-autologin或sudo vi /etc/pam.d/gdm-password之后,终端会自动进入这个配置文件中。

接着,您需要把光标移到对应行的开头位置,然后按小写【i】来进入输入模式(进入输入模式的方法很多,有i、I、O、o等,自行百度辨析区别),进入这个模式化后,左下角会显示INSERT。

最后,您输入一个【#】后,按【Esc】退出输入模式进入命令模式,然后输入保存并退出的命令【:wq】,再回车执行这个命令。

修改完毕后,你就可以直接用root账户无限制地登录了,反正我是试成功啦,哈哈哈!
【linux】登录root账户时报错Sorry, that didn‘t work. Please try again.抱歉,这不管用,请再试一次_第3张图片

THANKS!!!

【linux】登录root账户时报错Sorry, that didn‘t work. Please try again.抱歉,这不管用,请再试一次_第4张图片
【linux】登录root账户时报错Sorry, that didn‘t work. Please try again.抱歉,这不管用,请再试一次_第5张图片

你可能感兴趣的:(Linux,linux,运维,服务器)