Automating pam_keyring...
Jon Nettleton
jon.nettleton at gmail.com
Fri Jun 15 21:40:05 UTC 2007
On Fri, 2007-06-15 at 23:22 +0200, Denis Leroy wrote:
> Good news here, Jon released pam_keyring 0.0.9. It fixed the F-7 problem
> for me:
okay this isn't a release, release. It is a pre-release that fixes the
F-7 problems.
>
> http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238741
>
> I'll push an update shortly.
>
> Installing pam_keyring isn't enough though, it still requires manual
> edition of /etc/pam.d/gdm to make it work. I was hoping to start some
> discussions on what needs to happen to make its behavior enabled
> automatically upon installation, especially since this is on the F-8
> wish list. Should it use a scriptlet that modifies /etc/pam.d/gdm in
> %post (see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232857 ).
> Or add a patch to the gdm package and make it require pam_keyring ? Or
> do we want to make this feature optional from authconfig ?
I have a mostly functional addition to authconfig for enabling and
disabling it. I am wondering if the architecture for this app needs to
be extended to make it easy for each pam_package to add an xml file
somewhere to add support for it in authconfig.
>
> Another issue is how do we update the keyring password when the user
> changes his/her password ?
The release above has 95% of the code for support of pam_sm_chauthtok.
It has a couple of small bugs that I plan on fixing for full
functionality in supporting changing the keyring password in the
pam_stack.
This will change partially again in 2.20 when we add support for a
on_login keyring in gnome-keyring. I just got wiki write access and
will create a page about it this weekend.
Jon
More information about the fedora-devel-list
mailing list