GUI login not running scripts inside /etc/profile.d/

Asked by liquidoshin on 2018-10-02

I wrote a bash script that installs a certificate using the certutil command and placed it inside /etc/profile.d/ . This script is intended to run each time any user logs in by making .pki/nssdb directory inside the users home directory (if the database doesn't already exist) and install our personal certificate (if not already installed). There are two issues I'm experiencing however. Number one is, the code is hiccuping at a certain point in my code which then doesn't allow the user to login via the GUI. The following is the contents of the script:


#get which linux distro we're on and set to dist
if [ -f /usr/bin/lsb_release ]
 dist=$(/usr/bin/lsb_release -dr)
elif [ -f /etc/system-release ]
 IFS=$'\n' read -d '' -r -a lines < /etc/system-release
elif [ -f /etc/os-release ]
 IFS=$'\n' read -d '' -r -a lines < /etc/os-release
 for i in "${lines[@]}"
  if [[ $i =~ ^NAME ]]

#converts to lowercase
dist="$(echo ${dist,,})"

#fedora requires .pem file
if [[ $dist =~ fedora ]]

#check if certs exist
if ! [ -f $cert ]
 exit 1
#determine location of mkdir binary and create nssdb database
if ! [ -f $HOME/.pki/nssdb ]
 if [[ $dist =~ .*red\ hat.*release\ 6.* ]] || [[ $dist =~ debian ]] || [[ $dist =~ ubuntu ]]
  /bin/mkdir -p $HOME/.pki/nssdb
  /usr/bin/mkdir -p $HOME/.pki/nssdb

#list installed certificates
#mapfile lines < <($certutil -L -d sql:$HOME/.pki/nssdb 2> /dev/null)
output=$($certutil -L -d sql:$HOME/.pki/nssdb 2> /dev/null)
retcode=$(echo $?)

#check if cert is installed
if [ $retcode == "0" ]; then
 for i in "${output[@]}"
  if [[ $i =~ name\of\our\cert.* ]]

#if not, install cert
if ! $found
 $certutil --empty-password -d sql:$HOME/.pki/nssdb -N
 $certutil -d sql:$HOME/.pki/nssdb -A -t "C,C,C" -n "certname" -i $cert

By process of commenting out the whole script initially and then, chunks of code at a time, uncommenting until I got to the culprit, the program seems to have an issue with the part where I set IFS=$'\n', on its own separate line. I wasn't sure why this was an issue so I tried to find another way to basically store the output from the certutil -L command and store the output in an array which is what I'm doing on the line below that's commented out using the mapfile built in bash command. Commenting out the IFS assignment line and uncommenting the mapfile line also causes the same issue where I login as my local user and then I'm immediately logged back out again. The second thing I noticed however, if I comment everything from the IFS=$'\n' line and down, I can login fine but my script in /etc/profile.d doesn't get run. I know this because the .pki/nssdb directories aren't made which should definitely happen if the script is run. One last thing I've noticed is that if I login through the shell the script gets run even with all the code present and none of it commented out, gives no errors and does everything like it's supposed to. This seems to be an issue only with logging in on the GUI. I'm experiencing this on Debian 9 and I'm sure would happen on the Ubuntu distros also. Thanks for any help. I may need to file this as a bug with debian/ubuntu

Question information

English Edit question
Ubuntu Edit question
No assignee Edit question
Last query:
Last reply:
8 hours ago
Launchpad Janitor (janitor) said : #1

This question was expired because it remained in the 'Open' state without activity for the last 15 days.