On 05/28/2018 11:34 AM, Martín Marqués wrote:
> 2018-05-22 13:56 GMT-03:00 Rick Stevens <ri...@alldigital.com>:
>>
>> And I just had lightdm screw up royally. First, upon login I got an
>> XFCE polkit error popup, which is singularly useless in telling you
>> anything you can troubleshoot with. Then, I had no access to the sound
>> hardware on my machine, nor could I enable/disable wireless, play
>> with firewall settings or anything else, as polkit thought I didn't have
>> permissions to do anything, nor did it ever pop up an authentication
>> dialog.
>
> OMG, just what happened to me. So lightdm is to blame?
No it's not lightdm that's to blame, it's an interaction between lightdm
and pam-kwallet.
Quick fix: Edit your /etc/pam.d/lightdm file and comment out any line
referencing pam_kwallet.so or pam_kwallet5.so, log out and back in and
you should be fine. For some weird reason, lightdm includes this in its
configuration. My version of the above file:
[root@golem4 xxx]# cat /etc/pam.d/lightdm
#%PAM-1.0
# Note that pam-kwallet 5.12.4-2.fc27 is severely broken and will
# prevent xfce-polkit from working, so the lines referencing it are
# commented out here.
auth [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth required pam_env.so
auth substack system-auth
-auth optional pam_gnome_keyring.so
#-auth optional pam_kwallet5.so
#-auth optional pam_kwallet.so
auth include postlogin
account required pam_nologin.so
account include system-auth
password include system-auth
session required pam_selinux.so close
session required pam_loginuid.so
session optional pam_console.so
-session optional pam_ck_connector.so
session required pam_selinux.so open
session optional pam_keyinit.so force revoke
session required pam_namespace.so
-session optional pam_gnome_keyring.so auto_start
#-session optional pam_kwallet5.so
#-session optional pam_kwallet.so
session include system-auth
session optional pam_lastlog.so silent
session include postlogin
There is a bugzilla on this:
https://bugzilla.redhat.com/show_bug.cgi?id=1581495
and even the latest version of the pam-kwallet RPM does not fix it--not
even for F28.
>> I wiped my xfce settings, reinstalled lightdm, xfce4-polkit and anything
>> else I could think of to no avail. I finally just punted, disabled
>> lightdm and enabled lxdm and everything started working again.
>
> I think I had another DM around. Will switch and see.
That's drastic, but as I said above, disabling PAM's use of kwallet
when using lightdm fixes the issue. Note I'm an Xfce4 user, so disabling
pam_kwallet* may have consequences on KDM/Plasma desktops that I don't
know about.
I see that lxdm's PAM config does NOT include pam_kwallet*.so in its
default PAM config (I've not tried tried using pam_kwallet* in an lxdm
config). So, if your KDE/Plasma desktop works as expected using lxdm,
then commenting out the pam_kwallet*.so stuff in the lightdm config
shouldn't affect your desktop either.
YMMV
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ri...@alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Microsoft Windows: Proof that P.T. Barnum was right -
----------------------------------------------------------------------
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org/message/B6DUIQU5JBKGK5USRVHS7MW6FVXILUA2/
