Hi Rahul,
Did you check this on Debian?
yes, I have this working on two Debian testing systems.
1. Recompiled pam-kwallet_0.0~git20140429-0ubuntu1 in Debian testing
and
installed it
Instead of recompiling it, I installed the binary package provided by
Ubuntu
without modifying it. I haven't tested recompilation, yet. Does the
Ubuntu
package work for you? As a debugging approach, I recommend to test
the binary
first and test recompiling only if the binary package works.
Have you installed all dependencies? You have to install these:
libc6 (>= 2.4), libgcrypt11 (>= 1.5.1), libpam0g (>= 0.99.7.1), socat
I read that on one system socat has been missing, if I remember
correctly.
2. Updated kde-workspace to the latest version in testing (4.11.12)
I have the package with version 4:4.11.12-2 installed, so this should be
identical.
3. Modified /etc/pam.d/lightdm to include the two lines that you have
mentioned
When trying to get pam-kwallet working, I added these and other lines on
multiple places, and it did not work. It did work when the only lines I
modified have been these two lines. I am not absolutely sure that adding
other pam-kwallet entries has been the problem (as I might have changed
multiple things), but I would recommend against it while trying to
get it to
work.
However, it does not work. This is the output that I see in
/var/log/auth.log
Oct 12 22:02:10 rahul-laptop lightdm: pam_kwallet(lightdm:session):
pam-kwallet: final socket path: /tmp//rahul.socket
I see the same (though I use the Journal, but that should not make a
difference), but I also get lines like this:
pam_kwallet(lightdm:session): pam_sm_open_session
In /var/log/lightdm/lightdm.log, I do not see any messages related to
kwallet
I can confirm this, I also do not have anything logged there (and the
ctime
is quite current even when using the Journal).
but ps aux | grep kwalletd returns this.
rahul 21702 0.0 0.0 0 0 ? Z 22:19 0:00
[kwalletd] <defunct>
rahul 21772 1.9 0.2 96960 19268 ? SL 22:19 0:01
/usr/bin/kwalletd --pam-login 9 12
I have the same two processes (with file descriptors 10 and 14 at the
moment,
but 9 and 12 sound plausible, too).
Am I missing any configuration step?
This following is probably obvious, but I better mention it so that
you do
not unnecessarily lose time debugging it.
In the setup described by me, you have to use lightdm. I use the
package with
version 1.10.2-2 with a fixed config to avoid #762211. Using the
package from
unstable should work, too.
Do you really use identical passphrases for your user and your wallet?
It also might work already without you noticing it. I think, that
only your
default wallet will be opened. Although it might be that other
wallets are
not opened as they have different passphrases. I have only two
checkboxes
selected in the KDE wallet properties: "Enable the KDE wallet
subsystem" and
"Show manager in system tray". I do not have a default wallet
selected. Check
the tray icon after login to see if you wallet has been opened.
I have read, that pam-kwallet only works with the traditional wallets
and not
with the more recent GPG-based wallets. Though, I have only tested
the former
and not the latter.
It is a known bug
(https://www.redhat.com/archives/pam-list/2014-October/msg00000.html)
that pam-kwallet does not work if pam-mount is used to
unlock a (user's) home file system at the same time. So either avoid
pam-
mount in your tests, or ensure that the file system is already
unlocked when
testing pam-kwallet with lightdm.
Kind regards
Patrick
