[Pkg-xfce-devel] Bug#717297: Bug#717297: lightdm: pam.d/lightdm-greeter doesn't use system settings for pam

Yves-Alexis Perez corsac at debian.org
Sat Jul 20 07:43:07 UTC 2013

On sam., 2013-07-20 at 11:29 +1000, Peter Chubb wrote:
> >>>>> "Yves-Alexis" == Yves-Alexis Perez <corsac at debian.org> writes:
> Yves-Alexis> Can you tell us what exactly is broken by this? As far as
> Yves-Alexis> I know this pam file is only for the greeter, not for
> Yves-Alexis> session run from them (they're handled by
> Yves-Alexis> /etc/pam.d/lightdm which correctly includes the common
> Yves-Alexis> debian files.
> People who authenticate only via ldap --- for whom pam_unix.so doesn't
> work --- cannot log in, because username and password are not know to
> pam_unix.so only to either pam_ldap.so or pam_sssd.so.  I imagine
> other authentication mechanisms will also fail.
> What's more if there's any other policy set in common-account or
> common-session, it's not obeyed (e.g., time-of-use or group membership
> restrictions)

I'm pretty puzzled by this. Can you exactly describe what happens,
starting from when the greeter starts, and provide some logs?

As I already wrote, my feeling was that /etc/pam.d/lightdm-greeter was
*not* used for user authentication, so it should even matter in your

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-xfce-devel/attachments/20130720/ebc51458/attachment.sig>

More information about the Pkg-xfce-devel mailing list