Now pam_systemd.so added into system-local-login pam.d file (see #372229) if USE=systemd is set. But kdm pam.d files includes system-auth. This leads to the fact that if you use systemd-loginctl instead consolekit the user session is not created when you login via kdm. Please, fix it. Reproducible: Always
I dont understand half of the bug report, and probably the rest of the kde team does not fare much better. @pam, systemd: we could need some advice here.
This bug claims the wrong package. This might not be understandable to maintainers. So I introduced this new message regarding kdebase-pam: https://bugs.gentoo.org/show_bug.cgi?id=433173
*** Bug 433173 has been marked as a duplicate of this bug. ***
Thanks for reporting. New version masked in kde overlay available. Please note that this version bump addresses bug #436948 also. http://git.overlays.gentoo.org/gitweb/?p=proj/kde.git;a=commit;h=bb0a90872c54b1a4314bed80d69e9763582cd44c
(In reply to comment #4) > Thanks for reporting. New version masked in kde overlay available. Please > note that this version bump addresses bug #436948 also. > > http://git.overlays.gentoo.org/gitweb/?p=proj/kde.git;a=commit; > h=bb0a90872c54b1a4314bed80d69e9763582cd44c Unmasked in overlay. Please give feedback.
I installed kdebase-pam from kde-overlay. It works. However, at the login shows a message box "Last Login ..." Can set up so as not to get this message? Thanks.
And while I comment lines in /etc/pam.d/system-login: #session optional pam_lastlog.so
This appears to break my kwallet. Syslog has following messages: Nov 01 14:41:57 [kcheckpass] PAM unable to dlopen(/lib64/security/pam_selinux.so): /lib64/security/pam_selinux.so: cannot open shared object file: No such file or directory Nov 01 14:41:57 [kcheckpass] PAM adding faulty module: /lib64/security/pam_selinux.so It lists the same message earlier for kdm. In addition I get a message box when KDM starts, that it is going to login my user. This was not there previously. I use autologin without a password.
Commenting out the pam_lastlog.so line in /etc/pam.d/system-login removes the message box on KDE startup but the last login time will no longer be recorded and the message no longer displayed in the terminal. There is a 'silent' option for the module so the line in /etc/pam.d/system-login could be changed to something like: session optional pam_lastlog.so silent This should just log the time and not show any message. Then, because I wanted the message to show when I login from a terminal, I added another invocation of the module in /etc/pam.d/login (I hope that doesn't have any unpleasant side-effects): session optional pam_lastlog.so Could add a - in front of the selinux related line, so the module gets used if it is there and the error message is not shown in case the module is missing. So something like: -session optional pam_selinux.so
(In reply to comment #9) I was not CCed to this bug, and thus developed the same fixes for pam_lastlog and pam_selinux in the meantime. -> The solution proposed in comment #9 works for me.
P.S: Why is pam_selinux chained in pam.d/kde and not in pam.d/system-auth or similar?
commit 23983c0b56e5619339c85eff017db88536e980c0 Author: Dennis Schridde <devurandom@gmx.net> Date: Wed Nov 21 14:53:16 2012 +0100 [sys-auth/pambase] Fix KDE autologin (bug #422495) Was showing lastlog dialogue box on every login, delaying the time until the system becomes usable unnecessarily. pam_lastlog is now silent by default and only for login shells it shows a message. Thanks to Andrei Mihăilă and Egor Y. Egorov! Bug: #422495 Package-Manager: portage-2.2.0_alpha142 commit c60540d975f9bb0dd9619324200e24e140eaa397 Author: Dennis Schridde <devurandom@gmx.net> Date: Wed Nov 21 15:00:04 2012 +0100 [kde-base/kdebase-pam] Fix selinux error message (bug #422495) Using the pam_selinux module on non-selinux systems would have caused an error message. I removed this module from the KDE PAM chains, because sys-auth/pambase already deals with it in its system-* chains. Thanks to Andrei Mihăilă! Bug: #422495
It works! $ emerge -pv pambase kdebase-pam These are the packages that would be merged, in order: Calculating dependencies ... done! [ebuild R ~] sys-auth/pambase-20120417-r2::kde USE="cracklib sha512 systemd -consolekit -debug -gnome-keyring -minimal -mktemp -pam_krb5 -pam_ssh -passwdqc (-selinux)" 0 kB [ebuild R ~] kde-base/kdebase-pam-9::kde 0 kB
Hi, last login is fixed now, but could you also fix the "You have an email" message? Usually I have new emails and I don't want to stop KDE loading because of this message. Thanks
(In reply to comment #14) > last login is fixed now, but could you also fix the "You have an email" > message? Usually I have new emails and I don't want to stop KDE loading > because of this message. Do you know who presents this message? I.e. which PAM module? To figure that out, please post your PAM chain, i.e. /etc/pam.d/kde and recursively any files it includes, up to system-auth.
Could it be pam_mail.so? [17:19:43 marian@nbmkyral-E6500 ~]$ cat /etc/pam.d/kde #%PAM-1.0 auth required pam_nologin.so auth include system-local-login account include system-local-login password include system-local-login session include system-local-login [17:33:13 marian@nbmkyral-E6500 ~]$ cat /etc/pam.d/system-local-login auth include system-login account include system-login password include system-login session include system-login [17:35:46 marian@nbmkyral-E6500 ~]$ cat /etc/pam.d/system-login auth required pam_tally2.so onerr=succeed auth required pam_shells.so auth required pam_nologin.so auth include system-auth account required pam_access.so account required pam_nologin.so account include system-auth account required pam_tally2.so onerr=succeed password include system-auth session optional pam_loginuid.so session required pam_env.so session optional pam_lastlog.so silent session include system-auth -session optional pam_ck_connector.so nox11 session optional pam_motd.so motd=/etc/motd session optional pam_mail.so
It is pam_mail. Suggestion: USE=minimal emerge pambase. This is one of the long list of problems that requires a new pambase (which I started, but it's way too much for just me, and nobody stepped up).
(In reply to comment #16) > Could it be pam_mail.so? Probably. You might want to move it (and probably also motd, since that also generates output you might not want to see on every login) to pam.d/login. (In reply to comment #17) > This is one of the long list of problems that requires a new pambase (which > I started, but it's way too much for just me, and nobody stepped up). What has to be done for the new pambase? (bug #210767?)
(In reply to comment #17) > It is pam_mail. > > Suggestion: USE=minimal emerge pambase. > Thanks. It seems that it works. At least for now. I'll do more test. (In reply to comment #18) > Probably. You might want to move it > (and probably also motd, since that also > generates output you might not want to see > on every login) to pam.d/login. Well, I have no problem with motd. It does not show on KDE start even it is configured properly and motd is shown in terminal. Regarding to move pam.d/login - I never edited such files, all were configured during packages installation. So, probably, changes needs to be done there.
USE=minimal on pambase is designed for this.
Thanks all, overlay version is moved to the tree. + 03 May 2013; Johannes Huber <johu@gentoo.org> +files/kde-np.pam-9, + +files/kde.pam-9, +kdebase-pam-9.ebuild: + Version bump, fixes bugs #422495, #436948. Thanks to all who were involved.
Seems that kdebase-pam-9 has reintroduced this bug.
(In reply to comment #22) > Seems that kdebase-pam-9 has reintroduced this bug. Which bug exactly? /etc/pam.d/kde* includes system-local-login on my system.
(In reply to comment #23) > (In reply to comment #22) > > Seems that kdebase-pam-9 has reintroduced this bug. > > Which bug exactly? /etc/pam.d/kde* includes system-local-login on my system. the "last login" bug, I guess, since that's what I am observing on my system. it's very annoying.
(In reply to comment #24) > (In reply to comment #23) > > (In reply to comment #22) > > > Seems that kdebase-pam-9 has reintroduced this bug. > > > > Which bug exactly? /etc/pam.d/kde* includes system-local-login on my system. > > the "last login" bug, I guess, since that's what I am observing on my > system. it's very annoying. You are right. I am using the sys-auth/pambase-20120417-r2 I developed alongside kde-base/kdebase-pam-9. But it was forgotten in the KDE overlay, and not moved to the main tree. Please REOPEN and also move pambase.
(In reply to comment #25) > (In reply to comment #24) > > (In reply to comment #23) > > > (In reply to comment #22) > > > > Seems that kdebase-pam-9 has reintroduced this bug. > > > > > > Which bug exactly? /etc/pam.d/kde* includes system-local-login on my system. > > > > the "last login" bug, I guess, since that's what I am observing on my > > system. it's very annoying. > > You are right. I am using the sys-auth/pambase-20120417-r2 I developed > alongside kde-base/kdebase-pam-9. But it was forgotten in the KDE overlay, > and not moved to the main tree. > > Please REOPEN and also move pambase. No this ticket is about "kde-base/kdebase-pam should use system-local-login". Instead of silently adding packages which are not maintained by kde herd, please file a bug about it to the package maintainer.
(In reply to comment #26) > Instead of silently adding packages which are not maintained by kde herd, > please file a bug about it to the package maintainer. comment #12 was not really silent. I reported the issue as bug #468798.