desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #100298
[Bug 1305440] Re: Allow a distinct pam config file for greeter and for lock-screen
** Changed in: unity
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to unity-greeter in Ubuntu.
Matching subscriptions: dp-unity
https://bugs.launchpad.net/bugs/1305440
Title:
Allow a distinct pam config file for greeter and for lock-screen
Status in Unity:
Fix Released
Status in Unity 7.2 series:
In Progress
Status in unity package in Ubuntu:
Fix Released
Status in unity-greeter package in Ubuntu:
Invalid
Status in unity source package in Trusty:
Fix Released
Status in unity-greeter source package in Trusty:
Invalid
Bug description:
[Impact]
It might be desirable to have a distinct pam config file when logging
in and when unlocking the screen. Specifically, using a fingerprint
reader is fine for sudo or for unlocking, but you want to use your
password when logging in, to provide a secret and be able to unlock
the gnome-keyring for example.
[Test Case]
See http://askubuntu.com/questions/445131/how-do-i-enable-a-specific-
pam-config-in-the-lockscreen
So this feature request is about allowing for a (optional) pam config
file for the lock-screen, distinct from the /etc/pam.d/lightdm
currently used and shared with the greeter.
[Regression Potential]
An additional configuration point could allow a system to be
misconfigured for reduced security. The default configuration is to
use the same PAM stack as the LightDM login process so no new
regression is introduced without user modification.
[Other Info]
The Ubuntu 14.04 LTS SRU patch was cherry-picked from Ubuntu 14.10
where it has been in production use for a few months and appears
stable.
To manage notifications about this bug go to:
https://bugs.launchpad.net/unity/+bug/1305440/+subscriptions