Bug#723050: can't log in

To: Maximiliano Curia <maxy@gnuservers.com.ar>
Cc: 723050@bugs.debian.org
Subject: Bug#723050: can't log in
From: Mathieu MD <mathieu.md@gmail.com>
Date: Thu, 21 Nov 2013 22:04:05 +0100
Message-id: <[🔎] 528E7545.7050807@gmail.com>
Reply-to: Mathieu MD <mathieu.md@gmail.com>, 723050@bugs.debian.org
In-reply-to: <[🔎] 20131115140250.GA30440@gnuservers.com.ar>
References: <[🔎] 20131115140250.GA30440@gnuservers.com.ar>

Hi Maximiliano,

I do use kdm to login.

I tried to run xscreensaver as you told, but it did not change anything:
I still cannot login back.

Here is my pam files:
################################################
#
# /etc/pam.d/kdm - specify the PAM behaviour of kdm
#
auth       required     pam_nologin.so
auth       required     pam_env.so readenv=1
auth       required     pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
session    required     pam_limits.so
@include common-account
@include common-password
@include common-session
################################################

Where it's missing SELinux (which is not installed) and pam_loginuid.so
lines, comparing to yours, and you don't have common-session.

I tried adding the pam_loginuid.so, but it didn't helped.

################################################
#
# /etc/pam.d/xscreensaver - PAM behavior for xscreensaver
#

@include common-auth
@include common-account
################################################

Thanks for trying!
-- 
Mathieu

Le 15/11/2013 15:02, Maximiliano Curia a écrit :
> Hi,
> 
> In article <52433F8A.3040502@gmail.com> you wrote:
>> Thanks for your feedback.
> 
>> It may have been the case the very first day, but now that I had reboot
>> many times, and still the problem is the same, what could it be?
> 
>> (sorry for replying late: I did not received your message)
> 
> I was trying to follow the code, and it looks like
> /usr/lib/kde4/libexec/kcheckpass uses the kdm pam service, which
> imports the common services and adds some normal pam stuff. ::
> 
> auth       required     pam_nologin.so
> auth       required     pam_env.so readenv=1
> auth       required     pam_env.so readenv=1 envfile=/etc/default/locale
> @include common-auth
> # SELinux needs to be the first session rule. This ensures that any
> # lingering context has been cleared. Without out this it is possible
> # that a module could execute code in the wrong domain.
> session    [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
> session    required     pam_limits.so
> session    required     pam_loginuid.so
> @include common-session
> # SELinux needs to intervene at login time to ensure that the process
> # starts in the proper default security context. Only sessions which are
> # intended to run in the user's context should be run after this.
> session    [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
> @include common-account
> @include common-password
> 
> Which is fine for a starting session.
> 
> But, this is different from what xscreensaver uses, which is only the
> common-auth and common-account. ::
> 
> @include common-auth
> @include common-account
> 
> Also, you could be using KDE without having kdm installed, which would load
> the "other" pam service file. ::
> 
> @include common-auth
> @include common-account
> @include common-password
> @include common-session
> 
> So, I'm still not sure if this could be the cause of this issue, but I'll need
> to know what pam modules you have enabled.
> And if you replace kscreensaver with xscreensaver (run xscreensaver, settings,
> restart daemon, lock screen) if you can unlock you session or not.
> 
> Thanks,
>

Reply to:

References:
- Bug#723050: can't log in
  - From: Maximiliano Curia <maxy@gnuservers.com.ar>

Prev by Date: Bug#730131: phonon-backend-vlc: Changing volume in KDE applications broken
Next by Date: Bug#730141: qdbus-qt5: wrongly in section libs
Previous by thread: Bug#723050: can't log in
Next by thread: phonon-backend-vlc-dmo_0.7.0-1.1_mipsel.changes ACCEPTED
Index(es):
- Date
- Thread