Summary: | kde-base/kcheckpass-4.4.3 Authentication failure | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Alexey <lefsha> |
Component: | [OLD] KDE | Assignee: | Gentoo KDE team <kde> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | boris-gentoobugzilla, crazy-ivanovic, kerberos, shinydoofy |
Priority: | High | Keywords: | InOverlay, InVCS |
Version: | unspecified | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
Whiteboard: | [kde testing] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 313999 |
Description
Alexey
2010-04-12 17:10:57 UTC
I've had just the same bug on x86 and it was really annoying having to switch to a terminal to kill kscreenlocker. This is still present in 4.4.3 and can be fixed by not applying kcheckpass-4.4.2-no-SUID-no-GUID.patch. However, my notebook (x86 as well) does not have that issue. On the other hand, it has the pam USE flag set which isn't the case for my desktop system. (In reply to comment #2) > This is still present in 4.4.3 and can be fixed by not applying > kcheckpass-4.4.2-no-SUID-no-GUID.patch. So this patch has to be removed from ebuild! > On the other hand, it has the pam USE flag set which isn't the case for my desktop system. I have pam USE flag unset. Same here using kde-base/kcheckpass-4.4.3 with -pam Setting suid manually helped as a workaround for the time being. (In reply to comment #4) > Same here using kde-base/kcheckpass-4.4.3 with -pam > Setting suid manually helped as a workaround for the time being. > Exactly the same over here (~x86). This is the emerge output when trying to rebuild kcheckpass: [ebuild R ] kde-base/kcheckpass-4.4.3 USE="(-aqua) -debug (-kdeenablefinal) (-kdeprefix) -pam" 0 kB A friend has the same issue on ~amd64. The same fix applied there. The patch was added as a fix for bug 158206 (no refreshing of kerberos credentials). As far as I can see, the situation can be summed up like this: * pam, no kerberos: everything ok now * no pam, no kerberos: no unlock possible, needs suid binary * kerberos: needs non-suid binary How about setting the suid bit conditional on the use flags? I pushed an ebuild (for 4.4.3) to the overlay that removes the SUID bit only when pam is used. Please test! Your ebuild for 4.4.3 works flawlessly for both my x86 laptop (pam) and amd64 desktop (-pam) :) Moved to tree as kcheckpass-4.4.3-r1, thanks! (no point in stabilization request, I will close the bug). |