https://bugs.kde.org/show_bug.cgi?id=375236
Bug ID: 375236
Summary: kwallet-pam doesn't work in conjunction with
dm-crypt-encrypted /home which gets unlocked with
pam_mount
Product: kwallet-pam
Version: 5.8.5
Platform: Archlinux Packages
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
Assignee: plasma-b...@kde.org
Reporter: elandr...@yandex.ru
Target Milestone: ---
My /home partition is encrypted using dm-crypt. It gets unlocked on login with
the help of pam_mount.
kwallet-pam doesn't work with this setup. I followed the wiki to set SDDM up in
the required way:
https://wiki.archlinux.org/index.php/KDE_Wallet#Unlock_KDE_Wallet_automatically_on_login
.
Still, I need to enter the password to unlock kwallet after I login to the
system.
I've checked that this problem is indeed caused by
dm-crypt-encryption/pam_mount. If I unlock my home partition by logging my user
in to, say, tty2, and only after that use SDDM to login to a KDE Plasma
session, then kwallet-pam works correctly, and I don't have to enter my
password to unlock kwallet upon login.
My guess is that kwallet-pam tries to unlock kwallet too early in the login
process, before pam_mount finishes unlocking the encrypted /home partition.
I use a fully updated Archlinux x64 system. Package versions:
kwallet-pam 5.8.1
kwallet 5.30.0
pam 1.3.0
pam_mount 2.16
cryptsetup 1.7.3
sddm 0.14.0
Here is what "cat /etc/pam.d/sddm" returns:
#%PAM-1.0
auth include system-login
auth optional pam_mount.so
auth optional pam_kwallet5.so
auth optional pam_kwallet.so kdehome=.kde4
account include system-login
password optional pam_mount.so
password include system-login
session include system-login
session optional pam_mount.so
session optional pam_kwallet5.so
session optional pam_kwallet.so
--
You are receiving this mail because:
You are watching all bug changes.
