On Fri, 2007-06-15 at 23:22 +0200, Denis Leroy wrote:
Good news here, Jon released pam_keyring 0.0.9. It fixed the F-7
problem
for me:
okay this isn't a release, release. It is a pre-release that fixes the
F-7 problems.
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238741
I'll push an update shortly.
Installing pam_keyring isn't enough though, it still requires manual
edition of /etc/pam.d/gdm to make it work. I was hoping to start some
discussions on what needs to happen to make its behavior enabled
automatically upon installation, especially since this is on the F-8
wish list. Should it use a scriptlet that modifies /etc/pam.d/gdm in
%post (see
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232857 ).
Or add a patch to the gdm package and make it require pam_keyring ? Or
do we want to make this feature optional from authconfig ?
I have a mostly functional addition to authconfig for enabling and
disabling it. I am wondering if the architecture for this app needs to
be extended to make it easy for each pam_package to add an xml file
somewhere to add support for it in authconfig.
Another issue is how do we update the keyring password when the user
changes his/her password ?
The release above has 95% of the code for support of pam_sm_chauthtok.
It has a couple of small bugs that I plan on fixing for full
functionality in supporting changing the keyring password in the
pam_stack.
This will change partially again in 2.20 when we add support for a
on_login keyring in gnome-keyring. I just got wiki write access and
will create a page about it this weekend.
Jon