FS#46140 - [sddm] add kwallet-pam to pam file
Attached to Project:
Arch Linux
Opened by Ivan P (Soukyuu) - Saturday, 29 August 2015, 11:05 GMT
Last edited by Felix Yan (felixonmars) - Thursday, 10 September 2015, 09:31 GMT
Opened by Ivan P (Soukyuu) - Saturday, 29 August 2015, 11:05 GMT
Last edited by Felix Yan (felixonmars) - Thursday, 10 September 2015, 09:31 GMT
|
Details
Description:
Upon upgrading to 5.4 and installing kwallet-pam, both kde4 and kde5 wallets stopped unlocking themselves automatically. It seems that the package adds the configuration required to /etc/pam.d/kde, but to make it work out of the box, you have to add those lines to /etc/pam.d/sddm instead. Additional info: - kwallet-pam 5.0.4-1 - sddm 0.11.0-3 Steps to reproduce: - make sure kde4/5 wallets use login password - install kwallet-pam - reboot - start any programs requiring access to the wallet -> when config in /etc/pam.d/kde: wallets do not get unlocked -> when config in /etc/pam.d/sddm: wallets get unlocked |
This task depends upon
Closed by Felix Yan (felixonmars)
Thursday, 10 September 2015, 09:31 GMT
Reason for closing: None
Additional comments about closing: See comments below, users are expected to update the pam file themselves.
Thursday, 10 September 2015, 09:31 GMT
Reason for closing: None
Additional comments about closing: See comments below, users are expected to update the pam file themselves.
Maybe all DMs are supposed to "run" the /etc/pam.d/kde file when starting a KDE session? (Which would mean SDDM does not and it's an SDDM bug?)
You could remove the automatic configuration and either link the user to a wiki article via the installation message, or maybe have a script that detects the active DM and puts the config in the respective file?
As I said, I'm not convinced that we should add this to our pam.d/sddm, especially since some users are reporting issues with it [1]. OTOH, both Debian [2] and Fedora [3] include it (but they use their own pam file instead of the one provided by upstream). So let Felix decide what to do. In any case, even if this is not included, pam.d/sddm should be added to the backup array.
[1] https://bugs.kde.org/show_bug.cgi?id=352485
[2] http://anonscm.debian.org/cgit/pkg-kde/kde-std/sddm.git/tree/debian/sddm.pam
[3] http://pkgs.fedoraproject.org/cgit/sddm.git/tree/sddm.pam
I personally wouldn't include it with sddm, even though I have mine set up to unlock the wallet... I'd think not including it in sddm is more in line with the Arch way as well...