Add pam module to read cached password from systemd-cryptsetup.#1550
Add pam module to read cached password from systemd-cryptsetup.#1550h0cheung wants to merge 2 commits intosddm:developfrom
Conversation
davidedmundson
left a comment
There was a problem hiding this comment.
Overall it makes sense. I'm always happy to steal things from Gnome.
A few cmake issues
| # KEYUTILS_INCLUDE_DIR - the keyutils include directories | ||
| # KEYUTILS_LIBRARIES - link these to use keyutils | ||
|
|
||
| find_path(KEYUTILS_INCLUDE_DIR keyutils.h PATHS |
There was a problem hiding this comment.
keyutils (on my system at least) has a pkgconfig file.
We should wrap that rather than manual calls where possible, it's more future proof
There was a problem hiding this comment.
pkg_check_modules(Keyutils IMPORTED_TARGET libkeyutils) would suffice.
| include(KDEInstallDirs) | ||
|
|
||
| find_package(PAM REQUIRED) | ||
| find_package(keyutils REQUIRED) |
There was a problem hiding this comment.
find_package(keyutils REQUIRED)
add_definitions(-DHAVE_KEYUTILS)
something here is off. We're making this required, yet have a code path to make it optional
| int argc, | ||
| const char **argv) | ||
| { | ||
| #ifdef HAVE_KEYUTILS |
There was a problem hiding this comment.
Is there a reason we build this pam module at all if we don't have keyutils?
If not, we could move this to a cmake check above the add_subdirectory
|
The commit messages need a lot more explanation |
|
A similar PAM module was added in systemd 255, so we don't need another module. Just add this line to /etc/pam.d/sddm-autologin: |
This solves #930.
Use the source file
pam_gdm.cin gdm, build it aspam_sddm.soto avoid conflicting.Then edit pam config and systemd units for it to work.