automatic unlocking of keyring
As some may remember, we turned automatic unlocking of
keyrings at login time off at a late time in the F8 schedule, since it was not working properly with our pam configuration. pam has meanwhile gained a new feature that will hopefully allow this to work reliably (substack). I have built gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 in rawhide with this turned on. Please try it and tell me if it works for you. Matthias -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
fre, 30 11 2007 kl. 11:38 -0500, skrev Matthias Clasen:
> As some may remember, we turned automatic unlocking of > keyrings at login time off at a late time in the F8 schedule, > since it was not working properly with our pam configuration. > > pam has meanwhile gained a new feature that will hopefully > allow this to work reliably (substack). I have built > gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 > in rawhide with this turned on. > > Please try it and tell me if it works for you. Works for me on my Rawhide x86_64 box. Excellent I was getting tired of unlocking that thing manually to get connected to the wifi on lock in. - David -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
On Fri, 2007-11-30 at 18:10 +0100, David Nielsen wrote:
> fre, 30 11 2007 kl. 11:38 -0500, skrev Matthias Clasen: > > As some may remember, we turned automatic unlocking of > > keyrings at login time off at a late time in the F8 schedule, > > since it was not working properly with our pam configuration. > > > > pam has meanwhile gained a new feature that will hopefully > > allow this to work reliably (substack). I have built > > gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 > > in rawhide with this turned on. > > > > Please try it and tell me if it works for you. > > Works for me on my Rawhide x86_64 box. Excellent I was getting tired of > unlocking that thing manually to get connected to the wifi on lock in. > This is great news. If things look good I vote for pushing this to our F8 users. I will test it on F8 and report back. Jon -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
On Fri, 2007-11-30 at 15:32 -0500, Jon Nettleton wrote:
> On Fri, 2007-11-30 at 18:10 +0100, David NielI dsen wrote: > > fre, 30 11 2007 kl. 11:38 -0500, skrev Matthias Clasen: > > > As some may remember, we turned automatic unlocking of > > > keyrings at login time off at a late time in the F8 schedule, > > > since it was not working properly with our pam configuration. > > > > > > pam has meanwhile gained a new feature that will hopefully > > > allow this to work reliably (substack). I have built > > > gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 > > > in rawhide with this turned on. > > > > > > Please try it and tell me if it works for you. > > > > Works for me on my Rawhide x86_64 box. Excellent I was getting tired of > > unlocking that thing manually to get connected to the wifi on lock in. > > > > This is great news. If things look good I vote for pushing this to our > F8 users. I will test it on F8 and report back. It'll have to wait for substack support in the F8 pam, though. I don't know what Tomas' plans are for that. Tomas ? -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
On Fri, 2007-11-30 at 11:38 -0500, Matthias Clasen wrote:
> As some may remember, we turned automatic unlocking of > keyrings at login time off at a late time in the F8 schedule, > since it was not working properly with our pam configuration. > > pam has meanwhile gained a new feature that will hopefully > allow this to work reliably (substack). I have built > gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 > in rawhide with this turned on. > > Please try it and tell me if it works for you. Nice work. Almost there: 1. Logging in via fingerprint auth; doesn't work.. but that's expected 2. Logging in via password; unlocking keyring works fine 3. Change password 4. Logging in via password; doesn't unlock keyring 5. Change back to old password 6. Logging in via password; unlocking keyring works fine So I think you're missing the bit where the keyring password is updated. HTH, David -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
On Fri, 2007-11-30 at 16:25 -0500, David Zeuthen wrote:
> On Fri, 2007-11-30 at 11:38 -0500, Matthias Clasen wrote: > > As some may remember, we turned automatic unlocking of > > keyrings at login time off at a late time in the F8 schedule, > > since it was not working properly with our pam configuration. > > > > pam has meanwhile gained a new feature that will hopefully > > allow this to work reliably (substack). I have built > > gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 > > in rawhide with this turned on. > > > > Please try it and tell me if it works for you. > > Nice work. Almost there: > > 1. Logging in via fingerprint auth; doesn't work.. but that's expected That'll work once you engrave your password on your fingertip, I guess. > 2. Logging in via password; unlocking keyring works fine > > 3. Change password > > 4. Logging in via password; doesn't unlock keyring This would work if we added gnome-keyring support to /etc/pam.d/passwd. The bug against authconfig to do that is still open: https://bugzilla.redhat.com/show_bug.cgi?id=250147 -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
On Fri, 2007-11-30 at 16:43 -0500, Matthias Clasen wrote:
> On Fri, 2007-11-30 at 16:25 -0500, David Zeuthen wrote: <snip> > > 1. Logging in via fingerprint auth; doesn't work.. but that's expected > > That'll work once you engrave your password on your fingertip, I guess. Or have the password updated in the fingerprint blob... -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
On Sat, 2007-12-01 at 00:33 +0000, Bastien Nocera wrote:
> On Fri, 2007-11-30 at 16:43 -0500, Matthias Clasen wrote: > > On Fri, 2007-11-30 at 16:25 -0500, David Zeuthen wrote: > <snip> > > > 1. Logging in via fingerprint auth; doesn't work.. but that's expected > > > > That'll work once you engrave your password on your fingertip, I guess. > > Or have the password updated in the fingerprint blob... > That is how it was addressed when I first took over pam_keyring. Pam_bio_api (relying on unix permissions for secrecy) had an embedded pass-phrase in the BIR. This allowed their pam-module to authenticate on finger-print scan then populate the AUTHTOKEN of the pam stack with the passphrase and pass it along to other pam modules. Could be implemented better, but has the correct idea. Jon -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
automatic unlocking of keyring
Matthias Clasen wrote:
As some may remember, we turned automatic unlocking of keyrings at login time off at a late time in the F8 schedule, since it was not working properly with our pam configuration. pam has meanwhile gained a new feature that will hopefully allow this to work reliably (substack). I have built gdm-2.21.2-0.2007.11.20.4.fc9 and gnome-keyring-2.20.2-2.fc9 in rawhide with this turned on. Please try it and tell me if it works for you. Matthias This is actually working for me on F8 using: gdm-2.20.2-2.fc8 and gnome-keyring-2.20.2-1.fc8 The only thing I think I changed was to move pam_gnome_keyring.so above the system-auth line in /etc/pam.d/gdm. If this is not supposed to work, what am I missing? I definitely unlocks the keyring for nm_applet, evolution and various server connections. /Thomas -- Fedora-desktop-list mailing list Fedora-desktop-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-desktop-list |
| All times are GMT. The time now is 02:55 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.