[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#496456: kdebase-bin: user cannot unlock screen with correct password

Package: kdebase-bin
Version: 4:3.5.9.dfsg.1-5
Severity: critical
Justification: breaks unrelated software

After a recent upgrade (since 23 Aug 2008), our users, who can login
fine, cannot unlock the terminal after kdesktop_lock has locked it.
This appears to (possibly) be a PAM-related issue - here is what is
reported in auth.log when a user tries to unlock the terminal:

Aug 24 13:22:23 aspen unix_chkpwd[3472]: check pass; user unknown
Aug 24 13:22:23 aspen unix_chkpwd[3472]: password check failed for user (iamsteve)
Aug 24 13:22:23 aspen kcheckpass[3471]: pam_unix(kscreensaver:auth): authentication failure; logname=iamsteve uid=1000 euid=1000 tty=:0 ruser= rhost=  user=iamsteve
Aug 24 13:22:23 aspen kcheckpass[3471]: Authentication failure for iamsteve (invoked by uid 1000)

(the username 'iamsteve' and the user ID '1000' have been altered.)

I am thus cross-filing this bug with kdesktop (for kdesktop_lock),
kdebase-bin (for kcheckpass) and libpam-modules (for unix_chkpwd).
Please excuse the multiple postings, and please feel free to re-assign
this bug as appropriate.

As the user was able to log in prior to locking the screen, it doesn't
appear to be a problem related to the user per-se (i.e. the user exists
and is able to authenticate under some circumstances).

Note that I am not the only person with this problem:


reports the same behavior in an unstable system (ours are testing)
as of 14 Aug 2008.

As with the above report, rebooting does not solve the problem.

Please be aware that we are *not* using LDAP or NIS/NIS+, and that I am
in no way affiliated with 'eric2 <dot> valette <at> orange-ftgroup <dot>
com' - this is not a simple re-reporting of bugs #478274 and/or #487932.

In addition to the information below, we are using:

ii  libpam-doc      1.0.1-3 Documentation of PAM
ii  libpam-modules  1.0.1-3 Pluggable Authentication Modules for PAM
ii  libpam-runtime  1.0.1-3 Runtime support for the PAM library
ii  libpam0g        1.0.1-3 Pluggable Authentication Modules library

Thank you for your attention to this matter.

Steve Lane
System, Network and Security Administrator
Doudna Lab
Biomolecular Structure and Mechanism Group
UC Berkeley

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (990, 'testing'), (900, 'stable'), (800, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages kdebase-bin depends on:
ii  kdebase-bin-kde3        4:3.5.9.dfsg.1-5 core binaries for the KDE base mod
ii  kdelibs4c2a             4:3.5.9.dfsg.1-6 core libraries and binaries for al
ii  libc6                   2.7-13           GNU C Library: Shared libraries
ii  libgcc1                 1:4.3.1-2        GCC support library
ii  libpam-runtime          1.0.1-3          Runtime support for the PAM librar
ii  libpam0g                1.0.1-3          Pluggable Authentication Modules l
ii  libqt3-mt               3:3.3.8b-5       Qt GUI Library (Threaded runtime v
ii  libstdc++6              4.3.1-2          The GNU Standard C++ Library v3
ii  libx11-6                2:1.1.4-2        X11 client-side library
ii  libxcursor1             1:1.1.9-1        X cursor management library
ii  libxkbfile1             1:1.0.5-1        X11 keyboard file manipulation lib
ii  libxtst6                2:1.0.3-1        X11 Testing -- Resource extension 

kdebase-bin recommends no packages.

Versions of packages kdebase-bin suggests:
ii  gdb        6.8-3                         The GNU Debugger
ii  khelpcente 4:4.0.0.really.3.5.9.dfsg.1-5 help center for KDE

-- no debconf information

Reply to: