| Summary: | sys-auth/pambase[consolekit]: remove nox11 param from pam_ck_connector line (or create separate console and graphical logins) | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
| Component: | Current packages | Assignee: | PAM Gentoo Team (OBSOLETE) <pam-bugs+disabled> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | atalanta.bergamo, axs, billie, den_m, freedesktop-bugs, gentoo, M.Gehre, main.haarp, mastr, moloh, ppurka, roaldkoudenburg, stlman, technopolitica, v_2e |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Samuli Suominen (RETIRED)
2010-10-23 16:18:56 UTC
Okay I can fix it on login(1), sshd, and the like, but not for gdm. Because for whatever reason, gdm does not use the system-login session but rather the system-auth session, most likely to skip over mail and the other console login… I guess that will require more work, and most likely the new pambase framework I've been meaning to work on. Samuli, do you want me wait before fixing this? Okay, *partially* fixed: pambase is updated. What we do need now is some more complex and powerful pambase with stuff like session include .gentoo-console-login session include .gentoo-graphical-login to split the stuff that is used by gdm and login(1) if the ck_connector cannot run within gdm. I had to downgrade to shadow-4.1.4.2-r5 to revert to older broken behaviour as upgrading to shadow-4.1.4.2-r5, pambase-20101024 and consolekit-0.4.2-r4 still broke a lot of things in gnome. You're right, more work is needed. (In reply to comment #3) > I had to downgrade to shadow-4.1.4.2-r5 to revert to older broken behaviour as > upgrading to shadow-4.1.4.2-r5, pambase-20101024 and consolekit-0.4.2-r4 still > broke a lot of things in gnome. You're right, more work is needed. > Open new bug if you have problems. Those 3 work fine with both startx and gdm for gnome. No need to spam this bug with basically "It doesn't work for me." -messages. *** Bug 346635 has been marked as a duplicate of this bug. *** *** Bug 348668 has been marked as a duplicate of this bug. *** *** Bug 345585 has been marked as a duplicate of this bug. *** *** Bug 349317 has been marked as a duplicate of this bug. *** *** Bug 386819 has been marked as a duplicate of this bug. *** as per bug 386819 we can now ignore creating the separate text and graphical logins and just get rid of the nox11 param, for which this bug has been open for? (In reply to comment #9) > *** Bug 386819 has been marked as a duplicate of this bug. *** Along the lines of this particular bug, here's some details: SLiM (and XDM) use /bin/bash -login to authenticate a user; this authentication needs to act identical (in a consolekit sort of way) to a console login, that is, a ck-session needs to be started. Then, when the Xsession script runs and ck-launch-session is called within it, a second session for X will be created for the user and this will have all the appropriate variables set (active, is_local, x11-*). However, since the actual login prompt is launched from within X, the 'nox11' option causes pam-ck-connector.so to not launch the initial "console" login, and then the second one ends up being invalid (active=FALSE, is_local=FALSE, x11-* is not set properly). As such, the 'nox11' option needs to be removed from /etc/pam.d/system-login. I do realize that gdm would complain without this, IF it were using system-login, but since it isn't (and just uses system-auth and a few others) this is a non-issue. I can confirm this as i've switched back and forth between gdm and slim without issue when /etc/pam.d/system-login doesn't have 'nox11'. *** Bug 381727 has been marked as a duplicate of this bug. *** *** Bug 346037 has been marked as a duplicate of this bug. *** +*pambase-20101024-r1 (22 Oct 2011) + + 22 Oct 2011; Samuli Suominen <ssuominen@gentoo.org> + +pambase-20101024-r1.ebuild: + Remove nox11 argument from pam_ck_connector.so wrt #342345 |