[Touch-packages] [Bug 1371710] Re: autologin should support PAM_USER
Thats both good and bad news then! Hopefully you will find another feature that needs improvement. Yes, we might as well close this. As it's probably not a big limitation to specify a default username. Ack on the documentation issue. We'll just add that to the list of documentation deficiencies... ** Changed in: lightdm Status: Triaged => Invalid ** Changed in: lightdm/1.10 Status: Triaged => Invalid ** Changed in: lightdm (Ubuntu) Status: Triaged => Invalid ** Changed in: lightdm (Ubuntu Trusty) Status: Triaged => Invalid ** Changed in: lightdm (Ubuntu Utopic) Status: Triaged => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1371710 Title: autologin should support PAM_USER Status in Light Display Manager: Invalid Status in Light Display Manager 1.10 series: Invalid Status in “lightdm” package in Ubuntu: Invalid Status in “lightdm” source package in Trusty: Invalid Status in “lightdm” source package in Utopic: Invalid Bug description: There should be a way to specify the autologin-user via PAM_USER. Currently, to enable autologin you specify autologin-user in the lightdm.conf file, and any value of PAM_USER returned after pam_authenticate() is ignored. This means if you want to affect autologin so that different users are logged in at different times, based on some external criteria, you must rewrite the lightdm configuration and restart the service each time. One approach would be to add a new key e.g. "autologin-user-pam=true" which would enable autologin and use the PAM_USER returned by pam_authenticate() as the user to log in. It might make sense that if PAM_USER is *not* set by the call to pam_authenticate to fall back to the autologin-user value, or else to disable autologin entirely. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1371710/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1371710] Re: autologin should support PAM_USER
By the way, this doesn't appear to be documented. IMO the existence of the pam-autologin service vs the pam-greeter service ought to be documented, as well as this behavior of setting PAM_USER in the pam- autologin service. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1371710 Title: autologin should support PAM_USER Status in Light Display Manager: Triaged Status in Light Display Manager 1.10 series: Triaged Status in “lightdm” package in Ubuntu: Triaged Status in “lightdm” source package in Trusty: Triaged Status in “lightdm” source package in Utopic: Triaged Bug description: There should be a way to specify the autologin-user via PAM_USER. Currently, to enable autologin you specify autologin-user in the lightdm.conf file, and any value of PAM_USER returned after pam_authenticate() is ignored. This means if you want to affect autologin so that different users are logged in at different times, based on some external criteria, you must rewrite the lightdm configuration and restart the service each time. One approach would be to add a new key e.g. "autologin-user-pam=true" which would enable autologin and use the PAM_USER returned by pam_authenticate() as the user to log in. It might make sense that if PAM_USER is *not* set by the call to pam_authenticate to fall back to the autologin-user value, or else to disable autologin entirely. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1371710/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1371710] Re: autologin should support PAM_USER
After studying the code and exploring a bit with gdb and a test PAM module I wrote that simply sets pam_user, I've determined that in fact lightDM *already* works just fine with a PAM module on the auth stack of the lightdm-autologin PAM service which sets PAM_USER. I simply hadn't realized that autologin used its own PAM service. The name specified for PAM_USER will override the autologin-user value in lightdm.conf. In my opinion, this behavior is ideal. If we actually tried to change the code to allow turning autologin on without specifying an autologin user, and no PAM_USER was set by any PAM module, we'd have a strange error case to deal with. So, to turn autologin on, you must specify a default/fallback user for autologin-user. If a PAM module in the lightdm-autologin PAM stack sets PAM_USER in pam_sm_authenticate(), that will override the user specified in lightdm.conf. No change required. If there are no other suggestions/objections, I will close out this bug. Too bad, I was looking forward to contributing :-) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1371710 Title: autologin should support PAM_USER Status in Light Display Manager: Triaged Status in Light Display Manager 1.10 series: Triaged Status in “lightdm” package in Ubuntu: Triaged Status in “lightdm” source package in Trusty: Triaged Status in “lightdm” source package in Utopic: Triaged Bug description: There should be a way to specify the autologin-user via PAM_USER. Currently, to enable autologin you specify autologin-user in the lightdm.conf file, and any value of PAM_USER returned after pam_authenticate() is ignored. This means if you want to affect autologin so that different users are logged in at different times, based on some external criteria, you must rewrite the lightdm configuration and restart the service each time. One approach would be to add a new key e.g. "autologin-user-pam=true" which would enable autologin and use the PAM_USER returned by pam_authenticate() as the user to log in. It might make sense that if PAM_USER is *not* set by the call to pam_authenticate to fall back to the autologin-user value, or else to disable autologin entirely. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1371710/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1371710] Re: autologin should support PAM_USER
** Changed in: lightdm/1.10 Status: In Progress => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1371710 Title: autologin should support PAM_USER Status in Light Display Manager: Triaged Status in Light Display Manager 1.10 series: Triaged Status in “lightdm” package in Ubuntu: Triaged Status in “lightdm” source package in Trusty: Triaged Status in “lightdm” source package in Utopic: Triaged Bug description: There should be a way to specify the autologin-user via PAM_USER. Currently, to enable autologin you specify autologin-user in the lightdm.conf file, and any value of PAM_USER returned after pam_authenticate() is ignored. This means if you want to affect autologin so that different users are logged in at different times, based on some external criteria, you must rewrite the lightdm configuration and restart the service each time. One approach would be to add a new key e.g. "autologin-user-pam=true" which would enable autologin and use the PAM_USER returned by pam_authenticate() as the user to log in. It might make sense that if PAM_USER is *not* set by the call to pam_authenticate to fall back to the autologin-user value, or else to disable autologin entirely. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1371710/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1371710] Re: autologin should support PAM_USER
I think there's two bugs here: 1. If you autologin and PAM_USER is changed in a PAM module LightDM must abide by that. 2. There's no method to do an autologin without explicitly specifying a PAM user. ** Changed in: lightdm Status: New => Triaged ** Changed in: lightdm Importance: Undecided => Medium ** Also affects: lightdm (Ubuntu) Importance: Undecided Status: New ** Also affects: lightdm (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lightdm (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: lightdm/1.10 Importance: Undecided Status: New ** Changed in: lightdm/1.10 Importance: Undecided => Medium ** Changed in: lightdm/1.10 Status: New => In Progress ** Changed in: lightdm (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: lightdm (Ubuntu Trusty) Status: New => Triaged ** Changed in: lightdm (Ubuntu Utopic) Status: New => Triaged ** Changed in: lightdm (Ubuntu Utopic) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1371710 Title: autologin should support PAM_USER Status in Light Display Manager: Triaged Status in Light Display Manager 1.10 series: Triaged Status in “lightdm” package in Ubuntu: Triaged Status in “lightdm” source package in Trusty: Triaged Status in “lightdm” source package in Utopic: Triaged Bug description: There should be a way to specify the autologin-user via PAM_USER. Currently, to enable autologin you specify autologin-user in the lightdm.conf file, and any value of PAM_USER returned after pam_authenticate() is ignored. This means if you want to affect autologin so that different users are logged in at different times, based on some external criteria, you must rewrite the lightdm configuration and restart the service each time. One approach would be to add a new key e.g. "autologin-user-pam=true" which would enable autologin and use the PAM_USER returned by pam_authenticate() as the user to log in. It might make sense that if PAM_USER is *not* set by the call to pam_authenticate to fall back to the autologin-user value, or else to disable autologin entirely. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1371710/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
