Issue: setgid: Invalid Argument

[botdxn]

Is there an existing issue for this?

• I have searched the existing issues and found none that matched mine

Describe the issue

Installed aad-auth using guide in this repo.
It connects to my Azure AD, logs say it's succesful. Prints out error "setgid: Invalid Argument".

Directory for user is created in /home it provides logs in AzureAD that a login was successful.

journalctl output doesn't provide anything useful.

Steps to reproduce it

1. Install aad-auth just as the repo
2. Create App in Azure AD
3. Try to login

Ubuntu users: System information and logs

No response

Non Ubuntu users: System information and logs

Environment

• aad-cli 0.4
• libpam-aad 0.4
• libnss-aad 0.4
• Distribution: UBUNTU
• Distribution version: 23.04

Log files

Please redact/remove sensitive information:

Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): Authentication successful even if requiring MFA
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): Cache initialization
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): Opening cache in /var/lib/aad/cache
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): check file permissions on /var/lib/aad/cache/passwd.db
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): check file permissions on /var/lib/aad/cache/shadow.db
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): Shadow db mode: 2
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): Cleaning up db. Removing entries that last authenticated online more than 180 days ago
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): getting user information from cache for "user@domain.xyz"
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): encrypt password for user "user@domain.xyz"
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): updating from last online login information for user "user@domain.xyz"
Sep 17 13:13:22 ubuntu-azuread-test login[491]: pam_aad(login:auth): Close database request

Application settings

Please redact/remove sensitive information:

## See https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
## for more information on how to set up an Azure AD app.
tenant_id = redacted
app_id = redacted

### optional values (defaults)
# offline_credentials_expiration = 90 ; duration in days a user can log in without online verification
                                      ; set to 0 to prevent old users from being cleaned and allow offline authentication for an undetermined amount of time
                                      ; set to a negative value to prevent offline authentication
# homedir = /home/%f ; home directory pattern for the user, the following mapping applies:
#                    ; %f - full username
#                    ; %U - UID
#                    ; %l - first char of username
#                    ; %u - username without domain
#                    ; %d - domain
# shell = /bin/bash ; default shell for the user

### overriding values for a specific domain, every value inside a section is optional
# [domain.com]
# tenant_id = aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa
# app_id = bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb
# offline_credentials_expiration = 30
# homedir = /home/domain.com/%u
# shell = /bin/zsh

Relevant information

No response

Double check your logs

• I have redacted any sensitive information from the logs

[Ageraniotis]

Same here!

Environment

aad-cli 0.52
libpam-aad 0.52
libnss-aad 0.52
Distribution: UBUNTU
Distribution version: 23.10