In my testing with those reproduction steps, PAM's debug output says the module is running and adding the test group to the list of groups. So I'm guessing something lightdm is doing resets the group list at some point past that.
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/880104 Title: Using pam_group results in: pam_group(lightdm:setcred): unable to set the group membership for user: operation not permitted Status in Light Display Manager: Confirmed Status in “lightdm” package in Ubuntu: Confirmed Bug description: I have configured many computers to authenticate through a openldap server. To be able to be admin in each computer, I use pam_group feature to select additional groups for user. (/etc/security/group.conf). Login directly on the console give me good group membership (the one defined in group.conf), but login from lightdm results in an error message in auth.local: pam_group(lightdm:setcred): unable to set the group membership for user: operation not permitted. Of course, the group membership is not set as it should. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/880104/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
