KDE immediately returns to the login screen: one explanation

Earlier this week, I bought a new laptop. More on that once I’ve had a little more time to use it. But I wanted to share two things that I learned while setting it up. The first is straightforward: I really regret not putting effort into getting key configs (like users) into Ansible so that I didn’t have to do stuff by hands. The second requires some storytelling.

I installed Fedora 26 (KDE spin) and everything seemed good. I created accounts for my wife and me and then called it a night because I was tired. The next day, I wanted to get a little more configuration done, so I tried to log in. My password was accepted, but it immediately returned me to the login screen. So I logged in to a text console. That worked fine. I tried logging in to KDE as root. It worked. It had to be something about my account.

So I asked the trusty journal what was wrong. I saw messages like this:

Oct 05 18:04:44 holton sddm-helper[2770]: Starting: "/etc/X11/xinit/Xsession /usr/bin/startkde"
Oct 05 18:04:44 holton audit[2787]: AVC avc: denied { write } for pid=2787 comm="sddm-helper" name="bcotton" dev="dm-3" ino=5242881 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unco
Oct 05 18:04:44 holton sddm-helper[2787]: Could not open stderr to "/home/bcotton/.cache/xsession-errors"
Oct 05 18:04:44 holton audit[2787]: AVC avc: denied { write } for pid=2787 comm="sddm-helper" name="bcotton" dev="dm-3" ino=5242881 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unco
Oct 05 18:04:44 holton kernel: sddm-helper[2787]: segfault at 0 ip 00007fc1e8f97b1e sp 00007ffc7a29d1e0 error 4 in libc-2.25.so[7fc1e8f25000+1c7000]
Oct 05 18:04:44 holton audit[2787]: ANOM_ABEND auid=47703 uid=47703 gid=500 ses=5 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 pid=2787 comm="sddm-helper" exe="/usr/libexec/sddm-helper" sig=11 res=
Oct 05 18:04:44 holton sddm-helper[2787]: Opening the Xauthority file at "/home/bcotton/.Xauthority" failed
Oct 05 18:04:44 holton sddm-helper[2770]: pam_unix(sddm:session): session closed for user bcotton

I checked to make sure my home directory existed. It did.

I checked to make sure I could write to it. I could.

I turned off Selinux. No help.

A forum post suggested removing the sddm package and using kdm instead. It didn’t help.

I created a new user. It could log in. What was going on?

Well at one point, I noticed that when I did an ls -l on /home, my home directory showed a numeric group ID instead of a name. Ah ha! When I created the users, I used KDE’s user management GUI. It auto-created a group with a GID that matched the UID of the account. But I didn’t want that group, so I deleted it and made another group my default. But by that point, the home directory had already been created, so it was owned by the group that no longer exists.

After I changed the group ownership, it worked just fine. I should have just used the useradd command to begin with since I could have made it work the way I intended. Or I could have used a configuration management tool to do it for me. Maybe that will be my next project…

Other writings in September 2016

Where have I been writing when I haven’t been writing here?

Over on Opensource.com, we had another 900k+ page views in the month: the fourth time in site history and the second consecutive month. I contributed two articles:

Meanwhile, I wrote a few things for work, too:

  • Cycle Computing: The cloud startup that just keeps kicking — The Next Platform wrote a very nice article about us, so I wrote a blog post talking about how nice it was. (Hey, I’m in marketing now. It’s what we do).
  • Cloud-Agnostic Glossary — Supporting multiple cloud-service providers means having to translate terms between them. I put together a Rosetta Stone to help translate relevant terms between AWS, Azure, and Google Cloud.
  • The question isn’t cost, it’s value — When people talk about the cost of cloud computing, they’re usually looking at the raw dollar value. Since it takes money to make money, that’s not always the right way to look at it. It’s better to consider the value generated.