Bugzilla – Bug 1217189
kscreenlocker6: PAM configuration files with pam_loginuid.so which should be unnecessary
Last modified: 2024-02-16 23:16:59 UTC
+++ This bug was initially created as a clone of Bug #1217076 Doesn't warn, but new pam files are needed for unlocking screen with fingerprint devices or smartcard: https://build.opensuse.org/package/view_file/KDE:Unstable:Frameworks/kscreenlock er6/kde-smartcard?expand=1 https://build.opensuse.org/package/view_file/KDE:Unstable:Frameworks/kscreenlock er6/kde-fingerprint?expand=1 https://build.opensuse.org/package/view_file/KDE:Unstable:Frameworks/kscreenlock er6/kde?expand=1 (identical to current one)
I'm looking into this. These are just two custom PAM configuration files. On first sight nothing problematic.
The PAM configuration files are pretty straight forward. However I believe that the `pam_loginuid.so` does not belong in there. This is only supposed to be used for "entry applications" like login, gdm etc. But kscreenlocker isn't an entry application, or is it? Since these files are part of the packaging I reassign this bug to you. Whitelisting is not required for this.
The PAM configuration files in KDE:Frameworks/kscreenlocker6 still are the same. Moving this bug out of the whitelisting tracker bug since there is no whitelisting required.
session mechanisms were dropped