← Back to team overview

debcrafters-packages team mailing list archive

  1. debcrafters-packages team
  2. Mailing list archive
  3. Message #00543

[Bug 2111495] [NEW] gsd-smartcard fails to detect slots when no slots are attached at launch

  Thread PreviousDate PreviousThread Next 
Public bug reported:

gsd-smartcard, which is the GDM/GNOME process that monitors the
smartcard/PKI device status, fails to detect a new slot when hotplug
connected to a host.

the result is if a system is booted with no smartcard reader (or pki
device like a yubikey) connected, then gsd-smartcard never directs GDM
to use the smartcard PAM stack. (also does not detect other features
like lock on removal)

all versions are affected.

note this is only an issue when smartcard/MFA enforcement is enabled.
(passwords disabled). if sssd is called becuase passwords are allowed,
sssd will still do the correct behavior and detect the smartcard to
allow login.

reproduce

* boot system without any PKI device attached
* relaunch gsd-smartcard with debug output
killall gsd-smartcard; /usr/libexec/gsd-smartcard -v
* attach smartcard reader or PKI device and insert smartcard
* observe behavior

* repeat but boot with reader attached
* observe different behavior

upstream bug report
https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/782
upstream patch
https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/commit/88e90f2748f08f14d3f635939f3f85f05f66ecb3

** Affects: gnome-settings-daemon (Ubuntu)
     Importance: Undecided
         Status: New

** Package changed: sssd (Ubuntu) => gnome-settings-daemon (Ubuntu)

-- 
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to gnome-settings-daemon in
Ubuntu.
https://bugs.launchpad.net/bugs/2111495

Title:
  gsd-smartcard fails to detect slots when no slots are attached at
  launch

Status in gnome-settings-daemon package in Ubuntu:
  New

Bug description:
  gsd-smartcard, which is the GDM/GNOME process that monitors the
  smartcard/PKI device status, fails to detect a new slot when hotplug
  connected to a host.

  the result is if a system is booted with no smartcard reader (or pki
  device like a yubikey) connected, then gsd-smartcard never directs GDM
  to use the smartcard PAM stack. (also does not detect other features
  like lock on removal)

  all versions are affected.

  note this is only an issue when smartcard/MFA enforcement is enabled.
  (passwords disabled). if sssd is called becuase passwords are allowed,
  sssd will still do the correct behavior and detect the smartcard to
  allow login.

  reproduce

  * boot system without any PKI device attached
  * relaunch gsd-smartcard with debug output
  killall gsd-smartcard; /usr/libexec/gsd-smartcard -v
  * attach smartcard reader or PKI device and insert smartcard
  * observe behavior

  * repeat but boot with reader attached
  * observe different behavior

  upstream bug report
  https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/782
  upstream patch
  https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/commit/88e90f2748f08f14d3f635939f3f85f05f66ecb3

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-settings-daemon/+bug/2111495/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next