[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Pkg-xfce-devel] Bug#717297: Bug#717297: lightdm: pam.d/lightdm-greeter doesn't use system settings for pam

>>>>> "Yves-Alexis" == Yves-Alexis Perez <corsac at debian.org> writes:


Yves-Alexis> Can you tell us what exactly is broken by this? As far as
Yves-Alexis> I know this pam file is only for the greeter, not for
Yves-Alexis> session run from them (they're handled by
Yves-Alexis> /etc/pam.d/lightdm which correctly includes the common
Yves-Alexis> debian files.

People who authenticate only via ldap --- for whom pam_unix.so doesn't
work --- cannot log in, because username and password are not know to
pam_unix.so only to either pam_ldap.so or pam_sssd.so.  I imagine
other authentication mechanisms will also fail.

What's more if there's any other policy set in common-account or
common-session, it's not obeyed (e.g., time-of-use or group membership
restrictions)


--
Dr Peter Chubb				        peter.chubb AT nicta.com.au
http://www.ssrg.nicta.com.au          Software Systems Research Group/NICTA
Reply to: