desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #91258
[Bug 1305440] Re: Allow a distinct pam config file for greeter and for lock-screen
Attached debdiff between trusty-updates and SRU.
** Branch unlinked: lp:~unity-team/unity/trusty-1305440
** Description changed:
+ [Impact]
+
It might be desirable to have a distinct pam config file when logging in
and when unlocking the screen. Specifically, using a fingerprint reader
is fine for sudo or for unlocking, but you want to use your password
when logging in, to provide a secret and be able to unlock the gnome-
keyring for example.
+
+ [Test Case]
See http://askubuntu.com/questions/445131/how-do-i-enable-a-specific-
pam-config-in-the-lockscreen
So this feature request is about allowing for a (optional) pam config
file for the lock-screen, distinct from the /etc/pam.d/lightdm currently
used and shared with the greeter.
+
+ [Regression Potential]
+
+ An additional configuration point could allow a system to be
+ misconfigured for reduced security. The default configuration is to use
+ the same PAM stack as the LightDM login process so no new regression is
+ introduced without user modification.
+
+ [Other Info]
+
+ The Ubuntu 14.04 LTS SRU patch was cherry-picked from Ubuntu 14.10 where
+ it has been in production use for a few months and appears stable.
** Patch added: "debdiff between unity_7.2.3+14.04.20140826-0ubuntu1 and unity_7.2.4+14.04.20141217-0ubuntu1"
https://bugs.launchpad.net/ubuntu/+source/unity-greeter/+bug/1305440/+attachment/4289402/+files/unity_7.2.4%2B14.04.20141217-0ubuntu1.debdiff
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to unity-greeter in Ubuntu.
https://bugs.launchpad.net/bugs/1305440
Title:
Allow a distinct pam config file for greeter and for lock-screen
Status in Unity:
Fix Committed
Status in Unity 7.2 series:
In Progress
Status in unity package in Ubuntu:
Fix Released
Status in unity-greeter package in Ubuntu:
Invalid
Bug description:
[Impact]
It might be desirable to have a distinct pam config file when logging
in and when unlocking the screen. Specifically, using a fingerprint
reader is fine for sudo or for unlocking, but you want to use your
password when logging in, to provide a secret and be able to unlock
the gnome-keyring for example.
[Test Case]
See http://askubuntu.com/questions/445131/how-do-i-enable-a-specific-
pam-config-in-the-lockscreen
So this feature request is about allowing for a (optional) pam config
file for the lock-screen, distinct from the /etc/pam.d/lightdm
currently used and shared with the greeter.
[Regression Potential]
An additional configuration point could allow a system to be
misconfigured for reduced security. The default configuration is to
use the same PAM stack as the LightDM login process so no new
regression is introduced without user modification.
[Other Info]
The Ubuntu 14.04 LTS SRU patch was cherry-picked from Ubuntu 14.10
where it has been in production use for a few months and appears
stable.
To manage notifications about this bug go to:
https://bugs.launchpad.net/unity/+bug/1305440/+subscriptions