Your message dated Sat, 17 May 2014 09:54:03 +0100
with message-id <20140517085402.ga6...@wheezy.tsa.lan>
and subject line Re: kscreensaver: Kscreensaver (lock screen) doesn't let user
with empty password out
has caused the Debian Bug report #498042,
regarding kscreensaver: Kscreensaver (lock screen) doesn't let user with empty
password out
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
498042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498042
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: kscreensaver
Severity: important
Let's suppose you have a user with empty password in your system, which
is permitted to login on :0
If you lock the screen with kscreensaver, it will prompt for password,
but it would not be satisfied with empty password and so will never let
that user leave xscreensaver other than via ctrl-alt-backspace.
It was broken the same way in etch, then it worked for some time in
lenny/testing, now I've updated to lenny/stable and it no longer works,
again.
I can't figure out which PAM passes one should do to make it work,
because PAM is unsolvable puzzle: it isn't going to work silently
regardless of what you do.
/var/log/auth.log contain those lines on uncessful attempt of leaving
kscreensaver:
Sep 6 19:04:18 ant unix_chkpwd[1989]: check pass; user unknown
Sep 6 19:04:19 ant unix_chkpwd[1990]: check pass; user unknown
Sep 6 19:04:19 ant kcheckpass[1988]: pam_unix(kscreensaver:auth):
authentication failure; logname=lena uid=1002 euid=1002 tty=:0 ruser=
rhost= user=lena
Sep 6 19:04:19 ant kcheckpass[1988]: Authentication failure for lena
(invoked by uid 1002)
And yes, I'm sure that I DO need the user with empty password.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-6-k7 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
I've tested this with the current version of kscreensaver in wheezy
(4.8.4-5) and jessie (4.12.4-1) and cannot reproduce the bug, so it
looks like the bug was only present in KDE 3.
JFTR the only way I found to have a user with a blank password was to
manually edit /etc/shadow as passwd wouldn't allow it.
--
Jim Scadden
--- End Message ---
