Bug 17273

Summary: default PAM configuration breaks gnome keyring automatic unlocking
Product: Mageia Reporter: Guillaume Rousse <guillomovitch>
Component: RPM PackagesAssignee: Thierry Vignaud <thierry.vignaud>
Status: RESOLVED DUPLICATE QA Contact:
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: gdm CVE:
Status comment:

Description Guillaume Rousse 2015-12-02 17:34:19 CET
The current default PAM configuration for gdm is:
...
auth       include     system-auth
auth       optional    pam_gnome_keyring.so

And system-auth is:
auth        sufficient    pam_tcb.so shadow nullok prefix=$2a$ count=8

As a consequence, processing of a successful authentication stops immediatly after pam_tcb step, and pam_gnome_keyring never receive a copy of the user password.

Just turning the 'include' statement into a 'substack' statement, so as to force processing of the remaining elements upon return of the system-auth part, is enough to fix the issue. 



Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2015-12-03 15:08:02 CET
Assigning to Thierry who has recent commits to the PAM part of this package.

Assignee: bugsquad => thierry.vignaud

Comment 2 Guillaume Rousse 2015-12-28 20:20:11 CET
Duplicate.

*** This bug has been marked as a duplicate of bug 16825 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE