Bug#898191: sddm: Does not honor PAM's ambient supplemental groups (via e.g. pam_group.so)
Source: sddm Source-Version: 0.18.0-1 On Tue, May 08, 2018 at 03:14:26PM +0200, Salvatore Bonaccorso wrote: > Package: sddm > Version: 0.14.0-4 > Severity: normal > Tags: upstream > Forwarded: https://github.com/sddm/sddm/pull/834 > > Hi > > In sddm setups where the sddm pam configuration is configured to use > pam_group to add additional groups on login depending on the > /etc/security/group.conf configuration does not work. This was as well > reported upstream as https://github.com/sddm/sddm/pull/834 . > > Upstream fix > https://github.com/sddm/sddm/commit/1bc813d08b8130e458a6550ec47fb2bfbe6de080 > > Note, similar configuration worked with kdm under Jessie, so such > setups are suffering from a slight regression when updating from > Jessie to Stretch with kdm (respective later sddm) using pam_group > setup. > > Could you consider to update it in unstable and possibly via point > release in stretch? I would be happy to test any backported fix. This now has been fixed in 0.18.0-1 as uploaded in unstable. Regards, Salvatore
Bug#898191: sddm: Does not honor PAM's ambient supplemental groups (via e.g. pam_group.so)
¡Hola Salvatore! El 2018-05-08 a las 15:14 +0200, Salvatore Bonaccorso escribió: Package: sddm Version: 0.14.0-4 Severity: normal Tags: upstream Forwarded: https://github.com/sddm/sddm/pull/834 In sddm setups where the sddm pam configuration is configured to use pam_group to add additional groups on login depending on the /etc/security/group.conf configuration does not work. This was as well reported upstream as https://github.com/sddm/sddm/pull/834 . Upstream fix https://github.com/sddm/sddm/commit/1bc813d08b8130e458a6550ec47fb2bfbe6de080 It seems to me that the the commit is missing free(buffer) in the first if. Note, similar configuration worked with kdm under Jessie, so such setups are suffering from a slight regression when updating from Jessie to Stretch with kdm (respective later sddm) using pam_group setup. Could you consider to update it in unstable and possibly via point release in stretch? I would be happy to test any backported fix. I have looked at this commit and after giving it some thought, I don't think the issue it's fixing is worth accelerating. I would rather wait for this to be released. I recommend that you talk to upstream in order to get it into the 0.18.0 release. If you are planning to use sddm in a large enough environment you might also be interested in the patches from Dmitry Torokhov: - d598c324b589b84e631bd23108f2709a7a8d9634 UserModel: optimize setting of default user icon (#999) - 011020cbd14e302a0b80e9b208379cd1dca0f2b8 UserModel: fix filtering out duplicate users (#998) - 0edc3ffe15f2cdd89da40f4c830da8860bd9a13e UserModel: optimize filtering out duplicate users (#995) Happy hacking, -- "If it ain't broke, don't fix it" -- Bert Lance "If we can't fix it, it ain't broke" -- Lieutenant Colonel Walt Weir Saludos /\/\ /\ >< `/ signature.asc Description: PGP signature
Bug#898191: sddm: Does not honor PAM's ambient supplemental groups (via e.g. pam_group.so)
Package: sddm Version: 0.14.0-4 Severity: normal Tags: upstream Forwarded: https://github.com/sddm/sddm/pull/834 Hi In sddm setups where the sddm pam configuration is configured to use pam_group to add additional groups on login depending on the /etc/security/group.conf configuration does not work. This was as well reported upstream as https://github.com/sddm/sddm/pull/834 . Upstream fix https://github.com/sddm/sddm/commit/1bc813d08b8130e458a6550ec47fb2bfbe6de080 Note, similar configuration worked with kdm under Jessie, so such setups are suffering from a slight regression when updating from Jessie to Stretch with kdm (respective later sddm) using pam_group setup. Could you consider to update it in unstable and possibly via point release in stretch? I would be happy to test any backported fix. Regards, Salvatore
