http://bugzilla.opensuse.org/show_bug.cgi?id=1209741 http://bugzilla.opensuse.org/show_bug.cgi?id=1209741#c28 --- Comment #28 from Joe S <jmscdba@gmail.com> --- Hi Franck,
This change has just been submitted to Factory, see comment #25.
When I looked at the change I see pam_keyinit.so being added to /usr/lib/pam.d/systemd-user But I don't see it being removed from /etc/pam.d/sddm ( or the other ones I suggested ). Since systemd-user and sddm both execute during the login process, systemd-user with that change will create ( using revoke force ) the keyring, but if it is left in /etc/pam.d/sddm then when that is processed after systemd-user since sddm also uses revoke and force then it will replace the keyring that was just created in systemd-user. Surely that cannot be correct ??? Reading the docs it seems that "login" processes would specify pam_keyinit.so with revoke force but other processes should either leave it out or not specify revoke force otherwise the keyring keeps getting replaced. -- You are receiving this mail because: You are on the CC list for the bug.