Yes, please open a new bug to track this other issue.
** Changed in: lightdm
Status: New => Fix Released
** Changed in: lightdm/1.10
Status: New => Fix Released
** Changed in: lightdm (Ubuntu)
Status: New => Fix Released
** Changed in: lightdm (Ubuntu Trusty)
Status:
I set the status back to "new" because that sounded correct given that
there is potentially additional work to be evaluated here, but if that's
not the right thing to do please let me know for future reference when
working with Launchpad tickets. I would normally just file a new
ticket, but in thi
Brian Knoll <1296...@bugs.launchpad.net> writes:
> I just noticed what appears to be another problem:
> -rw--- 1 myuser mygroup 504 May 12 21:21 krb5cc_0
> -rw--- 1 myuser mygroup 504 May 12 21:16 krb5cc_1000_a8bk3j
> While lightdm is renewing the tickets now when unlocking the screen
I just noticed what appears to be another problem:
-rw--- 1 myuser mygroup 504 May 12 21:21 krb5cc_0
-rw--- 1 myuser mygroup 504 May 12 21:16 krb5cc_1000_a8bk3j
While lightdm is renewing the tickets now when unlocking the screen
saver, and the ownership of the ticket is correct, the fil
This bug was fixed in the package lightdm - 1.10.1-0ubuntu1
---
lightdm (1.10.1-0ubuntu1) trusty; urgency=medium
* New upstream release:
- When switching to an existing session refresh PAM credentials and end
session cleanly so no resources leak. (LP: #1296276)
- Updat
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1296276
Title:
Unlocking with greeter fails to properly renew kerb
** Branch linked: lp:ubuntu/trusty-proposed/lightdm
** Branch linked: lp:ubuntu/utopic-proposed/lightdm
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1296276
Title:
Unlocking with g
Sorry for the delay, I wanted to wait with the testing until my ticket
lifetime ran out.
Anyway, I can confirm that using lightdm 1.10.1-0ubuntu1 causes the
ticket cache to be automatically refreshed upon unlocking the screen,
and there is no need to run kinit manually anymore. Again, I'm using
ss
Hello Brian, or anyone else affected,
Accepted lightdm into trusty-proposed. The package will build now and be
available at http://launchpad.net/ubuntu/+source/lightdm/1.10.1-0ubuntu1
in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wi
This bug was fixed in the package lightdm - 1.11.0-0ubuntu1
---
lightdm (1.11.0-0ubuntu1) utopic; urgency=medium
* New upstream release:
- When switching to an existing session refresh PAM credentials and end
session cleanly so no resources leak. (LP: #1296276)
- Suppo
** Changed in: lightdm
Milestone: None => 1.11.0
** Changed in: lightdm/1.10
Milestone: None => 1.10.1
** Changed in: lightdm/1.10
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ligh
** Description changed:
+ [Impact]
+ Aborted PAM authentications may leave artifacts behind. This is due to
LightDM not correctly calling pam_end on these.
+ Authenticating via a LightDM greeter does not refresh PAM credentials.
+
+ [Test Case]
+ 1. Lock screen using LightDM greeter
+ 2. Enter p
** Branch linked: lp:~robert-ancell/lightdm/setcred-on-unlock-1.10
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1296276
Title:
Unlocking with greeter fails to properly renew kerbero
** Changed in: lightdm/1.10
Status: Triaged => Fix Committed
** Changed in: lightdm
Status: Fix Committed => Fix Released
** Changed in: lightdm (Ubuntu)
Status: Triaged => In Progress
** Changed in: lightdm (Ubuntu)
Assignee: (unassigned) => Robert Ancell (robert-ancel
FWIW, I encountered a similar problem, using sssd instead of pam-krb5,
though. I can also confirm that the packages from the PPA make lightdm
correctly refresh Kerberos credentials and thus fix the issue I had. It
would be very welcome indeed if that fix made it into the trusty
repository proper.
I applied this to a VM to test, and it does indeed appear to do the
right thing. I can confirm that this code does seem to have the
intended effect.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpa
Note this is not released into trusty and is awaiting confirmation. I've
put this into ppa:ubuntu-desktop/ppa (https://launchpad.net/~ubuntu-
desktop/+archive/ppa).
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https:
Landed into lp:lightdm, merge proposal for 1.10 (what Ubuntu 14.04 is
using) is https://code.launchpad.net/~robert-ancell/lightdm/setcred-on-
unlock-1.10/+merge/214660
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
htt
There is no PPA, you can build with:
$ sudo apt-get build-dep lightdm
$ bzr branch lp:~robert-ancell/lightdm/setcred-on-unlock
$ cd setcred-on-unlock
$ bzr-buildpackage
** Also affects: lightdm/1.10
Importance: Undecided
Status: New
** Changed in: lightdm/1.10
Status: New => Tri
To move this along, I've built a VM I can test this fix on, but to speed
things up, is there a PPA I can use? I don't mind building it but I am
concerned about building it differently than the official build, so if
there is a PPA I can use I will gladly install this onto my VM and I can
tell you f
Robert Ancell writes:
> The merge proposal might be easier to review -
> https://code.launchpad.net/~robert-ancell/lightdm/setcred-on-
> unlock/+merge/212337
Ah, indeed, thank you! That looks very good here if it works. I'm still
worried about whether the right environment will be set for it t
The merge proposal might be easier to review -
https://code.launchpad.net/~robert-ancell/lightdm/setcred-on-
unlock/+merge/212337
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1296276
Robert Ancell writes:
> LightDM trunk never calls pam_setcred when you unlock using a greeter
> and this branch does. In a normal login pam_setcred is run as root so I
> don't think it's root that will be causing the problem (I guess the
> module drops the privileges on the file after calling pam
LightDM trunk never calls pam_setcred when you unlock using a greeter
and this branch does. In a normal login pam_setcred is run as root so I
don't think it's root that will be causing the problem (I guess the
module drops the privileges on the file after calling pam_setcred).
Thanks for catching
** Branch linked: lp:~robert-ancell/lightdm/setcred-on-unlock
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1296276
Title:
Unlocking with greeter fails to properly renew kerberos tic
25 matches
Mail list logo