https://bugs.kde.org/show_bug.cgi?id=457179
Bug ID: 457179
Summary: kerberos credental caches no longer reset correctly on
screen unlock
Product: kscreenlocker
Version: 5.25.1
Platform: Archlinux Packages
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: greeter
Assignee: plasma-b...@kde.org
Reporter: m...@ecs.vuw.ac.nz
CC: bhus...@gmail.com
Target Milestone: ---
Created attachment 150934
--> https://bugs.kde.org/attachment.cgi?id=150934&action=edit
fix for not calling pam_setcred()
SUMMARY
Since kscreenlocker_greet did the PAM handling internally rather than calling
kcheckpass the kerberos credential cache no longer gets reset correctly on
unlock.
STEPS TO REPRODUCE
1. Use kerberos for authentication
2. lock and unlock the screen
OBSERVED RESULT
/tmp/krb5cc_<uid>_<random> is not touched
/tmp/krb5cc_pam_<random> appears
EXPECTED RESULT
/tmp/krb5cc_<uid>_<random> is replaced by contents of /tmp/krb5cc_pam_<random>
ADDITIONAL INFORMATION
kcheckpass called pam_setcred() on successful authentication, but
kscreenlocker_greet does not.
patch to fix is attached.
--
You are receiving this mail because:
You are watching all bug changes.
