I've had just the same bug on x86 and it was really annoying having to switch to a terminal to kill kscreenlocker.

This is still present in 4.4.3 and can be fixed by not applying kcheckpass-4.4.2-no-SUID-no-GUID.patch. However, my notebook (x86 as well) does not have that issue. On the other hand, it has the pam USE flag set which isn't the case for my desktop system.

(In reply to comment #2)
> This is still present in 4.4.3 and can be fixed by not applying
> kcheckpass-4.4.2-no-SUID-no-GUID.patch.

So this patch has to be removed from ebuild!

> On the other hand, it has the pam USE flag set which isn't the case for my desktop system.

I have pam USE flag unset.

Same here using kde-base/kcheckpass-4.4.3 with -pam
Setting suid manually helped as a workaround for the time being.

(In reply to comment #4)
> Same here using kde-base/kcheckpass-4.4.3 with -pam
> Setting suid manually helped as a workaround for the time being.
> 

Exactly the same over here (~x86). This is the emerge output when trying to rebuild kcheckpass:

[ebuild   R   ] kde-base/kcheckpass-4.4.3  USE="(-aqua) -debug (-kdeenablefinal) (-kdeprefix) -pam" 0 kB

A friend has the same issue on ~amd64. The same fix applied there.

Comment 6 Andreas K. Hüttel 2010-05-30 10:19:25 UTC

The patch was added as a fix for bug 158206 (no refreshing of kerberos credentials).

As far as I can see, the situation can be summed up like this:

* pam, no kerberos: everything ok now
* no pam, no kerberos: no unlock possible, needs suid binary
* kerberos: needs non-suid binary

How about setting the suid bit conditional on the use flags?

Comment 7 Andreas K. Hüttel 2010-06-03 18:52:42 UTC

I pushed an ebuild (for 4.4.3) to the overlay that removes the SUID bit only when pam is used. 

Please test!

Your ebuild for 4.4.3 works flawlessly for both my x86 laptop (pam) and amd64 desktop (-pam) :)

Comment 9 Maciej Mrozowski 2010-06-04 20:17:46 UTC

Moved to tree as kcheckpass-4.4.3-r1, thanks! (no point in stabilization request, I will close the bug).