KUbuntu hangs for ~2 minutes after login
Hello after doing a fresh install of KUbuntu 24.04.1, I am experiencing an issue after submitting my password on the login screen which might be connected to SDDM or plasma, I'm not sure.
After submitting my password, my screen becomes black and I can only move the mouse cursor. I have to wait between 2 and 3 minutes until something times out, and then the desktop shows up.
This weird behavior appears after I run a script provided by my company to harden the security of my laptop which modified the rsyslog configuration and add some iptables rules:
If I disable the iptables service, or enable it without the rules, everything is working fine, my desktop shows up right after I submit my password. Hence, I suspect that the issue is related to my iptables configuration but I cannot find why.
In addition, I didn't have the problem with Kubuntu 22.04.
Here is the output of the journalctl entries related to x11. We can see that after more than 2 minutes, systemd tries to launch plasmax11:
Do you have any idea what could cause this wait of ~2 minutes?
Here is the full journalctl -b : https://privatebin.net/?4a01f72f570eff40#5HcAAH2TyBrfEY5SPrgbh9cX4Ft2VmP5 ehSnqi4rLHvB
After submitting my password, my screen becomes black and I can only move the mouse cursor. I have to wait between 2 and 3 minutes until something times out, and then the desktop shows up.
This weird behavior appears after I run a script provided by my company to harden the security of my laptop which modified the rsyslog configuration and add some iptables rules:
Code:
#!/bin/bash
# Add specific file for iptables and add rules
echo "[*] Add some logs"
mv /etc/rsyslog.d/50-default.conf /etc/rsyslog.d/50-default.conf.old
echo "
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none,kern.none -/var/log/syslog
#cron.* /var/log/cron.log
#daemon.* -/var/log/daemon.log
kern.debug /var/log/iptables.log
& stop
kern.* /var/log/kern.log
#lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
#user.* -/var/log/user.log
#mail.info -/var/log/mail.info
#mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
*.emerg :omusrmsg:*
daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/console" > /etc/rsyslog.d/50-default.conf
service rsyslog restart
echo "[*] Add iptables rules"
echo " /var/log/iptables.log
{
rotate 7
daily
missingok
notifempty
delaycompress
compress
postrotate
invoke-rc.d rsyslog rotate > /dev/null
endscript
}" > /etc/logrotate.d/iptables
echo "#!/bin/bash
iptables -F
iptables -P INPUT DROP
iptables -N LOG_DROP
iptables -A LOG_DROP -j LOG --log-prefix '[IPTABLES DROP] : '
iptables -A LOG_DROP -j DROP
iptables -N LOG_ACCEPT
iptables -A LOG_ACCEPT -j LOG --log-prefix '[IPTABLES ACCEPT] : '
iptables -A LOG_ACCEPT -j ACCEPT
ip6tables -N LOG_ACCEPT
ip6tables -A LOG_ACCEPT -j LOG --log-prefix '[IPTABLES ACCEPT] : '
ip6tables -A LOG_ACCEPT -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j LOG_ACCEPT
iptables -A INPUT -j LOG_DROP
iptables -A FORWARD -j LOG_DROP
ip6tables -F INPUT
ip6tables -F OUTPUT
ip6tables -F FORWARD
ip6tables -F
# Allow ICMP
#ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j LOG_ACCEPT
ip6tables -P INPUT DROP" > /etc/init.d/firewall
chmod +x /etc/init.d/firewall
#update-rc.d firewall defaults
#/etc/init.d/firewall
echo "[Unit]
Description=Packet Filtering Framework
DefaultDependencies=no
After=systemd-sysctl.service
Before=sysinit.target
[Service]
Type=oneshot
ExecStart=/etc/init.d/firewall
ExecReload=/etc/init.d/firewall
ExecStop=/etc/init.d/firewall
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/iptables.service
systemctl enable iptables
systemctl start iptables
In addition, I didn't have the problem with Kubuntu 22.04.
Here is the output of the journalctl entries related to x11. We can see that after more than 2 minutes, systemd tries to launch plasmax11:
Code:
[FONT=monospace][COLOR=#000000]$ sudo journalctl -xb | grep -i startplasma-x11 [/COLOR]
sept. 25 15:07:10 pc sddm[1214]: Session "/usr/share/xsessions/plasma.desktop" selected, command: "/usr/bin/[COLOR=#ff5454][B]startplasma-x11[/B][/COLOR][COLOR=#000000]" for VT 2 [/COLOR]
sept. 25 15:07:10 pc sddm-helper[1414]: Starting X11 session: "" "/etc/sddm/Xsession \"/usr/bin/[COLOR=#ff5454][B]startplasma-x11[/B][/COLOR][COLOR=#000000]\"" [/COLOR]
sept. 25 15:09:25 pc systemd[1417]: Reloading requested from client PID 1460 ('[COLOR=#ff5454][B]startplasma-x11[/B][/COLOR][COLOR=#000000]')...[/COLOR][/FONT]
Do you have any idea what could cause this wait of ~2 minutes?
Here is the full journalctl -b : https://privatebin.net/?4a01f72f570eff40#5HcAAH2TyBrfEY5SPrgbh9cX4Ft2VmP5 ehSnqi4rLHvB