Created attachment 430110 [details] emerge --info I was unable to get kwallet-pam auto-unlocking to work after my recent upgrade to Plasma 5. I created a new GPG encrypted wallet instead of importing the old one from KDE 4. I used the same password for login and wallet. The kwallet-pam elog message reported that everything was fine. Does kwallet-pam support auto-unlocking of GPG encrypted wallets? The most annoying part of this issue was that I was always being prompted to unlock the wallet with a pinentry passphrase dialog immediately after login. I could actually see the dialog during the Plasma 5 post login splash screen. The only application that uses my wallet is Chromium, so it shouldn't be causing the passphrase request since Chromium isn't even running at that point. Eventually I was able to stop the pinentry passphrase dialog by commenting out the following in /etc/pam.d/sddm: -auth optional pam_kwallet5.so -session optional pam_kwallet5.so auto_start Would it be possible to have the kwallet-pam elog message warn users that auto-unlocking of GPG encrypted wallets isn't supported? Maybe even provide a note about disabling the relevant PAM configuration to avoid the issue I had.
Thanks all. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=106e13509998a2b48956abf01e7bb0e61992c1bd
Thank you for the commit. I believe that it only partially fixes the issue. In my case where I use a GPG encrypted wallet, and will therefore not be unable to use wallet auto-unlocking, I will still be prompted for the wallet passphrase immediately after login. This will also be the case for users that use GPG encrypted wallets, but decide not to use wallet auto-unlocking by setting different passwords for login and wallet. As I mentioned previously, it would be nice to have instructions for disabling the relevant PAM configuration to stop the wallet passphrase prompt. Alternately have the SDDM ebuild control the installation of the PAM configuration via the pam USE flag. Currently SDDM applies the sddm-0.13.0-pam_kwallet.patch unconditionally.
(In reply to BT from comment #2) > Thank you for the commit. I believe that it only partially fixes the issue. > In my case where I use a GPG encrypted wallet, and will therefore not be > unable to use wallet auto-unlocking, I will still be prompted for the wallet > passphrase immediately after login. This will also be the case for users > that use GPG encrypted wallets, but decide not to use wallet auto-unlocking > by setting different passwords for login and wallet. > > As I mentioned previously, it would be nice to have instructions for > disabling the relevant PAM configuration to stop the wallet passphrase > prompt. Alternately have the SDDM ebuild control the installation of the PAM > configuration via the pam USE flag. Currently SDDM applies the > sddm-0.13.0-pam_kwallet.patch unconditionally. I think all instructions/infos are given in the post install info. If you have concerns about sddm, feel free to report a bug against x11-misc/sddm (which is not maintained by us).