registry team mailing list archive

Thread
Date

[Bug 411559] Re: Unfriendly message upon typing incorrect password (Policykit-GNOME/GDM/gnome-screensaver)

To: registry@xxxxxxxxxxxxxxxxxxx
From: Milan Bouchet-Valat <nalimilan@xxxxxxx>
Date: Sat, 28 Aug 2010 21:32:28 -0000
Reply-to: Bug 411559 <411559@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The question is: which upstream (or which package) should it go into?
This message comes from PAM, which sets it according when an
authentication module returns PAM_AUTH_ERR from pam_sm_authenticate().
In the case of a bad password, this is the pam_unix module. The problem
is, this module can also fail because the account has expired, or other
reasons like that. And the PAM API doesn't allow the module to pass more
information.

So it seems that without changing the PAM API, which would create
compatibility issues, we can't get the real reason of the auth failure.
Changing the string to something like "Wrong password" would work for
most cases, but would be highly misleading if the reason is different
(e.g. disabled account, or if something is going wrong in the setup of
PAM). In particular, for Ubuntu server, it would be silly.

Maybe (maybe...) it would be possible to get the message printed
directly to the console by the module, and see whether it contains
"password". This kind of ugly hack could go into PAM, or into
GDM/PolicyKit/gnome-screensaver, but upstreams generally don't really
like this kind of solution.

-- 
Unfriendly message upon typing incorrect password (Policykit-GNOME/GDM/gnome-screensaver)
https://bugs.launchpad.net/bugs/411559
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for PolicyKit GNOME.