Package: libkscreenlocker5 Version: 5.14.5-1 Severity: grave Justification: causes non-serious data loss
Greetings, I am working on a machine that is configured to use libpam-poldi for user authentication with GPG smart cards. When the screen locker is engaged and the user enters a PIN that is under six characters in length, two things happen: 1. The screen locker will no longer accept a valid PIN. 2. The /var/log/auth.log file fills up with "PIN too short" messages. The messages in auth.log appear as below: Aug 2 09:10:46 hostname kcheckpass[9734]: PIN too short Aug 2 09:10:46 hostname kcheckpass[9734]: PIN too short Aug 2 09:10:46 hostname kcheckpass[9734]: PIN too short ... This problem is clearly due to some issue at the boundary of kcheckpass and libpam-poldi. However, I am not yet able to determine which of the two is responsible. I have pulled down the source code of both packages, and I am actively working on fixing the problem. I can see where libpam-poldi obviously will not accept a PIN less than 6 chars in length. Refer to the libpam-poldi source tree in the file... src/pam/auth-support/getpin-cb.c to confirm this. Ideally, I would need to do the following to fix this issue: 1. Compile libpam-poldi with debugging support. 2. Compile kcheckpass with debugging support. 3. Run kcheckpass with GDB to find where the conversation breaks down when a short PIN is provided. This would tell us if the bug is with kcheckpass or with libpam-poldi. Let me know if you can help me implement the plan of attack above, especially if you can offer or refer me to instructions on building and running kcheckpass from the shell. That would be very helpful! I am quite invested in fixing this, and I'll gladly help in any way I can. Please advise on a course of action. Best wishes, Jason Franklin -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (500, 'stable'), (100, 'unstable'), (10, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages libkscreenlocker5 depends on: ii kpackagetool5 5.54.0-1 ii libc6 2.28-10 ii libkf5configcore5 5.54.0-1 ii libkf5configgui5 5.54.0-1 ii libkf5coreaddons5 5.54.0-1 ii libkf5crash5 5.54.0-1 ii libkf5declarative5 5.54.0-1 ii libkf5globalaccel-bin 5.54.0-1 ii libkf5globalaccel5 5.54.0-1 ii libkf5i18n5 5.54.0-1 ii libkf5idletime5 5.54.0-1 ii libkf5notifications5 5.54.0-1 ii libkf5package5 5.54.0-1 ii libkf5quickaddons5 5.54.0-1 ii libkf5waylandclient5 4:5.54.0-1 ii libkf5waylandserver5 4:5.54.0-1 ii libkf5windowsystem5 5.54.0-1 ii libpam0g 1.3.1-5 ii libqt5core5a 5.11.3+dfsg1-1 ii libqt5dbus5 5.11.3+dfsg1-1 ii libqt5gui5 5.11.3+dfsg1-1 ii libqt5network5 5.11.3+dfsg1-1 ii libqt5qml5 5.11.3-4 ii libqt5quick5 5.11.3-4 ii libqt5widgets5 5.11.3+dfsg1-1 ii libqt5x11extras5 5.11.3-2 ii libseccomp2 2.3.3-4 ii libstdc++6 8.3.0-6 ii libwayland-client0 1.16.0-1 ii libwayland-server0 1.16.0-1 ii libx11-6 2:1.6.7-1 ii libxcb-keysyms1 0.4.0-1+b2 ii libxcb1 1.13.1-2 ii libxi6 2:1.7.9-1 Versions of packages libkscreenlocker5 recommends: ii kde-config-screenlocker 5.14.5-1 libkscreenlocker5 suggests no packages. -- no debconf information