Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 398419 - Please provide documentation for using pam_ldap.so in combination with sys-auth/pambase[gnome-keyring]
Summary: Please provide documentation for using pam_ldap.so in combination with sys-au...
Status: RESOLVED TEST-REQUEST
Alias: None
Product: [OLD] Docs on www.gentoo.org
Classification: Unclassified
Component: New Documentation (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords: NeedPatch
Depends on:
Blocks:
 
Reported: 2012-01-10 18:27 UTC by Justin Lecher
Modified: 2013-12-25 12:35 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
system-auth (system-auth,763 bytes, text/plain)
2012-01-11 06:55 UTC, Justin Lecher
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Lecher gentoo-dev 2012-01-10 18:27:15 UTC
I simply could not get the ldap based login via pam_ldap.so combined with the automatic unlock of my keyring via sys-auth/pambase[gnome-keyring].
It might be worth to write some documentation about this as it should be intersting for other users too.
Comment 1 nm (RETIRED) gentoo-dev 2012-01-10 23:28:26 UTC
this is it's something the gnome team would deal with, so we'd need to know what to put in our guide.

but my first guess is that you have something screwed up on your system; this sounds like a bug, as i haven't had any such issues. might want to check the forums.

gnome team: any ideas?
Comment 2 nm (RETIRED) gentoo-dev 2012-01-10 23:29:07 UTC
also, unless we're folding it into an existing guide like the Gnome doc, this is is something that would better fit on the gentoo wiki, wiki.gentoo.org, which the gdp does not control. you're free to write something there, if you wish. :)
Comment 3 Gilles Dartiguelongue gentoo-dev 2012-01-10 23:50:28 UTC
I had (currently disabled) a ldap based + automatic gnome-keyring unlock setup and it worked perfectly fine. To figure out your problem, you'd have to explain your exact setup + pam files + what password are stored where and which you're using to login.
Comment 4 Justin Lecher gentoo-dev 2012-01-11 06:55:48 UTC
Created attachment 298607 [details]
system-auth

So this it what I did. Initially the setup was without ldap based authentication and the unlocking went fine. I followed what was written in the ldap guide (http://www.gentoo.org/doc/en/ldap-howto.xml) to add the ldap support. Basic login with a ldap account is fine. But neither for the ldap nor for the local account the keyring unlock works. Please find attached the system-auth.
I am not an pam expert, but could it be that the "sufficient" blocks the "optional" rules?
Comment 5 Justin Lecher gentoo-dev 2012-01-11 06:57:44 UTC
sys-auth/pambase-20101024-r1[consolekit cracklib gnome-keyring sha512]
sys-libs/pam-1.1.5[berkdb cracklib elibc_glibc nls]
Comment 6 Justin Lecher gentoo-dev 2012-01-11 07:30:29 UTC
I removed the ldap support and the unlock works again.
Comment 7 Pacho Ramos gentoo-dev 2013-08-29 12:29:48 UTC
What is the status of this with Gnome 3.8 and updated system?
Comment 8 Justin Lecher gentoo-dev 2013-09-17 15:38:47 UTC
Can't test it anymore, because I needed to drop G3.8 from that machine.
Comment 9 Pacho Ramos gentoo-dev 2013-12-24 12:08:42 UTC
Would be nice to try with 3.8 if possible since the keyring/unlocking stuff changed a lot since 2.32 (looks like finally is working ok on all the machines I maintain ;))
Comment 10 Justin Lecher gentoo-dev 2013-12-25 12:35:38 UTC
Sadly I don't run gnome on that box anymore, so I cannot test it.