Hi Maximiliano, I do use kdm to login.
I tried to run xscreensaver as you told, but it did not change anything: I still cannot login back. Here is my pam files: ################################################ # # /etc/pam.d/kdm - specify the PAM behaviour of kdm # auth required pam_nologin.so auth required pam_env.so readenv=1 auth required pam_env.so readenv=1 envfile=/etc/default/locale @include common-auth session required pam_limits.so @include common-account @include common-password @include common-session ################################################ Where it's missing SELinux (which is not installed) and pam_loginuid.so lines, comparing to yours, and you don't have common-session. I tried adding the pam_loginuid.so, but it didn't helped. ################################################ # # /etc/pam.d/xscreensaver - PAM behavior for xscreensaver # @include common-auth @include common-account ################################################ Thanks for trying! -- Mathieu Le 15/11/2013 15:02, Maximiliano Curia a écrit : > Hi, > > In article <52433f8a.3040...@gmail.com> you wrote: >> Thanks for your feedback. > >> It may have been the case the very first day, but now that I had reboot >> many times, and still the problem is the same, what could it be? > >> (sorry for replying late: I did not received your message) > > I was trying to follow the code, and it looks like > /usr/lib/kde4/libexec/kcheckpass uses the kdm pam service, which > imports the common services and adds some normal pam stuff. :: > > auth required pam_nologin.so > auth required pam_env.so readenv=1 > auth required pam_env.so readenv=1 envfile=/etc/default/locale > @include common-auth > # SELinux needs to be the first session rule. This ensures that any > # lingering context has been cleared. Without out this it is possible > # that a module could execute code in the wrong domain. > session [success=ok ignore=ignore module_unknown=ignore default=bad] > pam_selinux.so close > session required pam_limits.so > session required pam_loginuid.so > @include common-session > # SELinux needs to intervene at login time to ensure that the process > # starts in the proper default security context. Only sessions which are > # intended to run in the user's context should be run after this. > session [success=ok ignore=ignore module_unknown=ignore default=bad] > pam_selinux.so open > @include common-account > @include common-password > > Which is fine for a starting session. > > But, this is different from what xscreensaver uses, which is only the > common-auth and common-account. :: > > @include common-auth > @include common-account > > Also, you could be using KDE without having kdm installed, which would load > the "other" pam service file. :: > > @include common-auth > @include common-account > @include common-password > @include common-session > > So, I'm still not sure if this could be the cause of this issue, but I'll need > to know what pam modules you have enabled. > And if you replace kscreensaver with xscreensaver (run xscreensaver, settings, > restart daemon, lock screen) if you can unlock you session or not. > > Thanks, > -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
