[Bug 1336663] Re: lightdm uses wrong ccache name on pam_krb5 credentials refresh
Russ Allbery
rra at debian.org
Tue Jul 8 20:23:21 UTC 2014
Note that all that pam-krb5 specifically cares about is KRB5CCNAME, so
an alternative approach that may require less refactoring and would work
for that PAM module would be to preserve the PAM environment from
pam_getenvlist and set those variables in the environment before
invoking PAM for unlock. That should not require reusing the same PAM
handle.
I don't know if that would be sufficient for other PAM modules, however.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libpam-krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1336663
Title:
lightdm uses wrong ccache name on pam_krb5 credentials refresh
Status in Light Display Manager:
Triaged
Status in “libpam-krb5” package in Ubuntu:
New
Status in “lightdm” package in Ubuntu:
Triaged
Bug description:
As already noted by Brian Knoll in https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1296276/comments/24
lightdm 1.10.1-0ubuntu1 uses an inappropriate credentials cache, /tmp/krb5cc_0, when refreshing Kerberos credentials on screen unlock.
I couldn't find the new bug Robert Ancell called for in
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1296276/comments/27
so I'm opening one now.
To manage notifications about this bug go to:
https://bugs.launchpad.net/lightdm/+bug/1336663/+subscriptions
More information about the foundations-bugs
mailing list