On 05/28/2018 11:34 AM, Martín Marqués wrote: > 2018-05-22 13:56 GMT-03:00 Rick Stevens <ricks@xxxxxxxxxxxxxx>: >> >> And I just had lightdm screw up royally. First, upon login I got an >> XFCE polkit error popup, which is singularly useless in telling you >> anything you can troubleshoot with. Then, I had no access to the sound >> hardware on my machine, nor could I enable/disable wireless, play >> with firewall settings or anything else, as polkit thought I didn't have >> permissions to do anything, nor did it ever pop up an authentication >> dialog. > > OMG, just what happened to me. So lightdm is to blame? No it's not lightdm that's to blame, it's an interaction between lightdm and pam-kwallet. Quick fix: Edit your /etc/pam.d/lightdm file and comment out any line referencing pam_kwallet.so or pam_kwallet5.so, log out and back in and you should be fine. For some weird reason, lightdm includes this in its configuration. My version of the above file: [root@golem4 xxx]# cat /etc/pam.d/lightdm #%PAM-1.0 # Note that pam-kwallet 5.12.4-2.fc27 is severely broken and will # prevent xfce-polkit from working, so the lines referencing it are # commented out here. auth [success=done ignore=ignore default=bad] pam_selinux_permit.so auth required pam_env.so auth substack system-auth -auth optional pam_gnome_keyring.so #-auth optional pam_kwallet5.so #-auth optional pam_kwallet.so auth include postlogin account required pam_nologin.so account include system-auth password include system-auth session required pam_selinux.so close session required pam_loginuid.so session optional pam_console.so -session optional pam_ck_connector.so session required pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_namespace.so -session optional pam_gnome_keyring.so auto_start #-session optional pam_kwallet5.so #-session optional pam_kwallet.so session include system-auth session optional pam_lastlog.so silent session include postlogin There is a bugzilla on this: https://bugzilla.redhat.com/show_bug.cgi?id=1581495 and even the latest version of the pam-kwallet RPM does not fix it--not even for F28. >> I wiped my xfce settings, reinstalled lightdm, xfce4-polkit and anything >> else I could think of to no avail. I finally just punted, disabled >> lightdm and enabled lxdm and everything started working again. > > I think I had another DM around. Will switch and see. That's drastic, but as I said above, disabling PAM's use of kwallet when using lightdm fixes the issue. Note I'm an Xfce4 user, so disabling pam_kwallet* may have consequences on KDM/Plasma desktops that I don't know about. I see that lxdm's PAM config does NOT include pam_kwallet*.so in its default PAM config (I've not tried tried using pam_kwallet* in an lxdm config). So, if your KDE/Plasma desktop works as expected using lxdm, then commenting out the pam_kwallet*.so stuff in the lightdm config shouldn't affect your desktop either. YMMV ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Microsoft Windows: Proof that P.T. Barnum was right - ---------------------------------------------------------------------- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx/message/B6DUIQU5JBKGK5USRVHS7MW6FVXILUA2/
