GNU bug report logs - #35674
GDM auto-login doesn't work

Previous Next

Package: guix;

Reported by: "Alex Griffin" <a <at> ajgrf.com>

Date: Fri, 10 May 2019 20:33:02 UTC

Severity: normal

Merged with 40411

Done: Alex Griffin <a <at> ajgrf.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Timothy Sample <samplet <at> ngyro.com>
To: 35674 <at> debbugs.gnu.org
Cc: Ricardo Wurmus <rekado <at> elephly.net>, Alex Griffin <a <at> ajgrf.com>
Subject: bug#35674: GDM auto-login doesn't work
Date: Mon, 13 May 2019 10:24:58 -0400

Hello,

Ricardo Wurmus <rekado <at> elephly.net> writes:

> Hi Alex,
>
>> After configuring Guix to enable GDM auto-login, I am still presented
>> with a password prompt upon booting my machine. I'm not sure whether
>> it's a bug in Guix or something I'm doing wrong, so I've attached the
>> configuration I'm using just in case.
>
> I have observed the same problem.  It’s not something you’re doing wrong.

I noticed recently that GDM stopped reading its configuration file.  I
pushed a430a3501a6d3a565cb78e04a8dbb3ab846ec5fc, which fixes that
problem, but unfortunately does not fix auto-login.

If I turn on debugging output, I can see that the issue has to do with
the way PAM is configured.  Digging a little deeper, I found that our
auto-login PAM service is

    auth [success=ok default=1] pam_gdm.so
    auth sufficient pam_permit.so

What this means is that if “pam_gdm.so” is not successful, the
“pam_permit.so” line will be skipped, and auto-login will not work.  The
“pam_gdm.so” module does some sort of cached password lookup using the
“keyutils” library (presumably for an encrypted home directory).  Our
build of GDM does not support this (we don’t include “keyutils” in its
inputs), so the module never succeeds.  As a result, auto-login fails.

It looks like this particular way of doing things was cribbed from Red
Hat, where the module that gets skipped by “default=1” is
“pam_gnome_keyring.so” (and not “pam_permit.so”).  Other distros simply
mark it as optional.  I suggest we either omit the first rule, since it
will never do anything anyway, or follow other distros and change its
control field to “optional”.

My experience with PAM is limited, so I would appreciate a second
opinion before committing anything.


-- Tim
This bug report was last modified 3 years and 87 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.