1 |
On Feb 5, 2014 6:23 PM, "walt" <w41ter@×××××.com> wrote: |
2 |
[ snip ] |
3 |
> I am seat0 (I forgot about loginctl, thanks) but I'm not sure what you |
4 |
> mean by "enabled in /etc/pam.d". Many months ago I remember being |
5 |
confused |
6 |
> by the last line of system-auth: |
7 |
> |
8 |
> #cat /etc/pam.d/system-auth |
9 |
> auth required pam_env.so |
10 |
> auth sufficient pam_ssh.so |
11 |
> auth required pam_unix.so try_first_pass likeauth nullok |
12 |
> auth optional pam_permit.so |
13 |
> |
14 |
> account required pam_unix.so |
15 |
> account optional pam_permit.so |
16 |
> |
17 |
> password required pam_cracklib.so difok=2 minlen=8 |
18 |
dcredit=2 ocredit=2 retry=3 |
19 |
> password required pam_unix.so try_first_pass use_authtok |
20 |
nullok sha512 shadow |
21 |
> password optional pam_permit.so |
22 |
> |
23 |
> session optional pam_ssh.so |
24 |
> session required pam_limits.so |
25 |
> session required pam_env.so |
26 |
> session required pam_unix.so |
27 |
> session optional pam_permit.so |
28 |
> -session optional pam_systemd.so |
29 |
> |
30 |
> I don't understand the meaning of the '-' in the last line. I didn't |
31 |
> put it there, except possibly by accident when falling asleep at the |
32 |
> keyboard :) |
33 |
|
34 |
The - is to make it optional; if the pam_systemd.so module is not |
35 |
available, the - makes it so it is not a failure. |
36 |
|
37 |
I'm more concerned about you being seat0, and you being asked for a |
38 |
password. In theory that's what logind solves, and in a much more cleaner, |
39 |
race-free and deterministic way than ConsoleKit. |
40 |
|
41 |
Do you have systemd with the policykit USE flag? And polkit with the |
42 |
systemd USE flag? (I suppose the later must have it). |
43 |
|
44 |
If you do, can you please show us the output (make sure to do this inside |
45 |
your DE session) from: |
46 |
|
47 |
• loginctl seat-status |
48 |
|
49 |
For example, mine shows: |
50 |
|
51 |
seat0 |
52 |
Sessions: *1 |
53 |
Devices: |
54 |
├─/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input5 |
55 |
│ input:input5 "Power Button" |
56 |
|
57 |
├─/sys/devices/LNXSYSTM:00/device:00/PNP0A08:00/LNXVIDEO:01/input/input14 |
58 |
│ input:input14 "Video Bus" |
59 |
|
60 |
├─/sys/devices/LNXSYSTM:00/device:00/PNP0C0C:00/input/input3 |
61 |
│ input:input3 "Power Button" |
62 |
|
63 |
├─/sys/devices/LNXSYSTM:00/device:00/PNP0C0D:00/input/input4 |
64 |
│ input:input4 "Lid Switch" |
65 |
├─/sys/devices/pci0000:00/0000:00:02.0/drm/card0 |
66 |
│ drm:card0 |
67 |
├─/sys/devices/pci0000:00/0000:00:02.0/graphics/fb0 |
68 |
│ [MASTER] graphics:fb0 "inteldrmfb" |
69 |
etc. |
70 |
|
71 |
As you can see, the seat0 owns the Power Button, the Video Bus, the Lid |
72 |
Switch, etc. If you own them, then you don't need authentication to use |
73 |
them. |
74 |
|
75 |
Regards. |
76 |
-- |
77 |
Canek Peláez Valdés |
78 |
Posgrado en Ciencia en Ingeniería de la Computación |
79 |
Universidad Nacional Autónoma de México |