sitter added inline comments. INLINE COMMENTS
> aacid wrote in pam_kwallet.c:329 > > How about leaving it in for 5.18 and drop it for master? > > Should there be an unexpected problem we'll at least have months of > > theoretical testing and a shorter window from 5.19.0 to .1 to hotfix a > > > potential regression. > > Doesn't sound very convincing to me, if there's going to be a regression i'd > prefer it to be this month when i still remember this code and i still use > kwallet-pam and pam_fscrypt, if you delay it to 5.19.0 or something I will > not totally remember this code and may not be using this any of those two > either os my motivation to fix it may be pretty small. > > I can try adding the code that makes pam_sm_open_session from here if you > think it makes sense to have it That is a fair point but I for one cannot +1 this diff as-is. So, I would prefer the pam_sm_open_session call making a return. Or someone else gives a +1, I don't profoundly object to the diff, but it is in my mind not suitable for a stable release right now: Currently in 5.18 one can call session before auth and it works. With this diff that'd be no longer the case and a behavioral change in a stable release update. I have no idea if that has real life implications but I can totally imagine one of our enterprise users pulling weird stuff like that. REPOSITORY R107 KWallet PAM Integration REVISION DETAIL https://phabricator.kde.org/D27935 To: aacid Cc: sitter, security-team, davidedmundson, plasma-devel, Orage, LeGast00n, The-Feren-OS-Dev, cblack, jraleigh, zachus, fbampaloukas, GB_2, ragreen, ZrenBot, ngraham, himcesjf, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol, ahiemstra, mart
