You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1676385
Description of problem:
I want to auto unlock the gnome keyring on login. If the 'login' keyring does
not exist it should be created using the smartcard PIN provided by the user as
password. This worked in RHEL7 with pam_pkcs11 but does not seem to work with
pam_sss, i get the following error:
gdm-smartcard][19194]: gkr-pam: no password is available for user
It seems like pam_sss does not let other pam modules use the provided PIN even
though 'forward_pass' is specified.
/etc/pam.d/gdm-smartcard:
auth substack smartcard-auth
auth optional pam_gnome_keyring.so
auth include postlogin
account required pam_nologin.so
account include smartcard-auth
password include smartcard-auth
session required pam_selinux.so close
session required pam_loginuid.so
session optional pam_console.so
session required pam_selinux.so open
session optional pam_keyinit.so force revoke
session required pam_namespace.so
session include smartcard-auth
session optional pam_gnome_keyring.so auto_start
session include postlogin
Version-Release number of selected component (if applicable):
sssd-2.0.0-21.el8.x86_64
How reproducible:
Always
Steps to Reproduce:
1. Add pam_gnome_keyring to /etc/pam.d/gdm-smartcard
2. Login using pam_sss and smartcard
3.
Actual results:
'login' keyring is not created.
Expected results:
'login' keyring should be created using my smartcard PIN as password
Additional info:
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/4067
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1676385
Comments
Comment from sbose at 2019-08-19 17:37:37
Metadata Update from @sbose:
Comment from sbose at 2019-08-19 17:37:47
Metadata Update from @sbose:
Comment from sbose at 2019-08-19 17:41:51
PR: #869
Comment from sbose at 2019-08-19 17:42:04
Metadata Update from @sbose:
Comment from sbose at 2019-08-23 18:51:57
Commit e989620b relates to this ticket
Comment from sbose at 2019-08-23 18:53:24
Master:
Comment from sbose at 2019-08-23 18:53:25
Metadata Update from @sbose:
The text was updated successfully, but these errors were encountered: