https://bugs.kde.org/show_bug.cgi?id=490924
k...@sterenborg.info changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|WAITINGFORINFO |---
Ever confirmed|1 |0
Status|NEEDSINFO |REPORTED
--- Comment #21 from k...@sterenborg.info ---
(In reply to Sophie Dexter from comment #19)
> (In reply to Fabian Vogt from comment #18)
> > Can you please try this (with the working local config as base):
> >
> > "auth sufficient pam_sss.so
> > forward_pass"
> >
> > after pam_unix (this should bring the issue back) and then
> Yes it did!
> >
> > "auth sufficient pam_sss.so
> > use_first_pass"
> >
> > instead? I wonder whether that avoids the issue as well. Please keep a local
> > root shell open when editing PAM config.
> and, yes it did :-)
> I used 'sudo vi /etc/authselect/password-auth' when editing, unsure what I
> was supposed to do/see with the root shell though,?
The (extra) open root shell would have enabled you to use it to fix the PAM
configuration in case you made a mistake, making you unable to login.
> > If this works, the PAM_CONV_ERR return does not fully quit the PAM stack and
> > it just gets stuck at pam_sss.
> > The fix would be to return PAM_CONV_ERR until pam_authenticate returns
> > failure.
> Great!, umm, how :?:
I don't think that's for you or me to fix: this PAM config change fixed the
issue for me as well (it's probably not the right fix, but it works for now),
and I don't see what more info you can give.
--
You are receiving this mail because:
You are watching all bug changes.
