Bug ID | 1128835 |
---|---|
Summary | pam_keyinit.so doesn't seem to work as expected when logging in with GDM |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | GNOME |
Assignee | bnc-team-gnome@forge.provo.novell.com |
Reporter | fbui@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Hi, pam_keyinit.so has been integrated in GDM PAM stack (bsc#1081947 comment #35) and therefore I expect to get a fresh session keyring after logging in with GDM. But for some reasons it still doesn't happen on my setup (TW snapshot 20190310): fbui@linux-u19k:~> keyctl show @s Keyring 191591746 --alswrv 1000 65534 keyring: _uid_ses.1000 436165832 --alswrv 1000 65534 \_ keyring: _uid.1000 989285180 --alswrv 1000 100 \_ user: 6967d0c28476ffa1 409630110 --alswrv 1000 100 \_ user: 253ca7e88811d184 As it can be seen, I'm still using the per-user default session keyring instead. Just to make sure I checked the content of the GDM PAM config files: # grep pam_keyinit /etc/pam.d/gdm* /etc/pam.d/gdm:session optional pam_keyinit.so force revoke debug /etc/pam.d/gdm-autologin:session optional pam_keyinit.so force revoke /etc/pam.d/gdm-launch-environment:session optional pam_keyinit.so force revoke /etc/pam.d/gdm-password:session optional pam_keyinit.so force revoke debug # rpm -qf /etc/pam.d/gdm gdm-3.28.2-4.3.x86_64