LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 06-15-2020, 01:48 PM   #226
gegechris99
Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware current 64bit
Posts: 977
Blog Entries: 5

Rep: Reputation: 191Reputation: 191

Quote:
Originally Posted by kevmccor View Post
So, what is the Slackware method or what do we do to have gnome-keyring working properly with password access?
I don't use gnome-keyring but based on my understanding of Slackware PAM configuration files and this Gnome Keyring documentation, you get the following process out of the box.

Slackware PAM configuration file will automatically launch gnome-keyring when you log in using either the console, xdm or kdm.
It will open your 'login' keyring using your user password.

Prerequisite: you must use the 'login" keyring and make its password the same as your user password.

If you are using a display manager not provided by Slackware (ex: gdm, lxml), you should make sure it is compiled with PAM support (if it's possible at all). The PAM-enabled display manager should have its own configuration file in /etc/pam.d that will most probably need to be tweaked.

Last edited by gegechris99; 06-15-2020 at 01:55 PM. Reason: typo
 
1 members found this post helpful.
Old 06-15-2020, 03:12 PM   #227
pyllyukko
LQ Newbie
 
Registered: Dec 2007
Location: 🇫🇮
Distribution: Slackware
Posts: 3

Rep: Reputation: 1
Hi.

What's the point in the following lines in /etc/pam.d/system-auth:

Code:
auth        sufficient    pam_unix.so likeauth nullok
auth        required      pam_deny.so
-auth        optional      pam_gnome_keyring.so
The pam_gnome_keyring.so never gets executed with successful login because of the sufficient in pam_unix.so.

EDIT: Apparently this was already brought up by Gazl in this comment.

Last edited by pyllyukko; 06-15-2020 at 03:38 PM.
 
1 members found this post helpful.
Old 06-17-2020, 01:27 AM   #228
gegechris99
Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware current 64bit
Posts: 977
Blog Entries: 5

Rep: Reputation: 191Reputation: 191
This has now been corrected in current.

Other comments posted by GazL are also being considered.

Quote:
Tue Jun 16 20:50:41 UTC 2020
a/shadow-4.8.1-x86_64-10.txz: Rebuilt.
system-auth: auth required pam_unix.so [...], otherwise the stack exits
before pam_gnome_keyring.so executes. Thanks to pyllyukko.
Get rid of "auth required pam_deny.so" which seems like a mistake.
Still pending: consider GazL's comments on moving stuff out of system-auth.
 
1 members found this post helpful.
Old 06-17-2020, 08:46 AM   #229
kevmccor
Member
 
Registered: Aug 2004
Location: Texas
Distribution: slackware
Posts: 111

Rep: Reputation: 29
This documentation of gnome keyring states that the login keyring is created automatically. In my case the "login" keyring was not auto-magically created, leading to google-chrome creating its own keyring as the default. I used sbopkg to install seahorse and seahorse-plugins, which is called "Passwords and Keys" in the XFCE | system menu, and then added the login key with my login password. Whether this accomplished anything is at present unknown, but I have no trouble logging in or using XFCE. I was using Fluxbox and then switched to XFCE for my window manager and have tried to use non-kde applications with XFCE. Most Slackware users would probably have similar issues with the kde kwallet application.

For me, the concern is not the technical details of how Slackware implements pam, but the information describing the basics for the user. After spending a couple of hours reading about pam and gnome keyring, my conclusion is that security through obscurity is alive and well. One must realize that combinations of arrangements quickly become quite complicated. I think gnome-keyring is an encrypted data file similar to keepassx (which I have used for years), but it is tied into the background process, so if it fails there is no obvious context or explanation for the user. IMHO, a mysterious password security system is not really very helpful, so the main point is to prevent it from being a frustrating problem for users.
 
Old 06-17-2020, 09:15 AM   #230
arfon
Member
 
Registered: Apr 2004
Location: Texas
Distribution: Slackware
Posts: 192

Rep: Reputation: Disabled
Quote:
Apparently the best way is: ignore it and it will not bother you.
THAT has been the secret to my happy life.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
a bug in dialog merged with Slackware64 current? duturo1953 Slackware 1 08-23-2017 02:26 PM
/etc/pam.d/system-auth-ac vs. /etc/pam.d/password-auth-ac vs. /etc/pam.d/sshd christr Red Hat 2 08-01-2014 07:08 PM
PAM module:passwd:- how many character validate by pam library amit_pansuria Linux - General 3 10-21-2008 01:19 AM
vsftpd + pam + virtual users - Pam cannot load database file. mdkelly069 Linux - Networking 3 09-22-2004 11:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 03:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration