[LightDM] [PATCHES] Multiple prompts in a single PAM conversation round

Robert Ancell robert.ancell at gmail.com
Wed Feb 5 09:29:09 PST 2014 

A quick review:

You shouldn't strictly need the signal to handle multiple prompts - you
just append a new prompt each time liblightdm-gobject generates a signal
and remove them all when you have responded to all the prompts. (This is
what Unity Greeter does). A group of prompts is guaranteed to be signalled
in a row in the same thread.

It doesn't seem like a bad idea to add the signal for "end of prompts"
though if that helps greeters to implement multiple prompts. Ideally we
wouldn't need it and the API would have been designed to handle multiple
prompts properly - that was a design mistake I made early on*. If you do
use the signal note that the greeters will need to depend on the latest
lightdm - this may delay distribution.

*And a good case for fixing with an API break in the future.

--Robert


On 5 February 2014 16:29, Christian Seiler <christian at iwakd.de> wrote:

> Hi,
>
> when using pam_krb5, I've run into the following problem w.r.t to lightdm:
>
> If a user's password is set to expire, i.e. the user needs to change it
> the first time they log in again, pam_krb5 will ask for the new password
> and the repeated version of the new password during the authentication
> phase (before authentication is complete). For this it uses two prompts
> in the same PAM conversation round. This is in principle handled
> properly in LightDM on the server side, but neither the GTK nor the KDE
> greeter implement this properly. (I haven't tried any other, but I
> suspect they suffer from the same problem.)
>
> The first patch modifies liblightdm-gobject and liblightdm-qt to provide
> an additional signal that allows the greeter to know that all
> prompt/message signals for the specific conversation round have been
> processed. The second patch modifies lightdm-gtk-greeter to make use of
> it (while still allowing it to be compiled and/or run against older
> versions of liblightdm-gobject). I plan on looking at the KDE greeter
> next, the GTK one was just the simplest one to patch in this context.
>
> Regards,
> Christian
>
> PS: I'm not subscribed to the mailing list, so please put me on Cc for
> replies.
>
> PPS: Since this is my first time doing something with bzr (I mainly use
> git and have dabbled in mercurial), I'm sorry if I don't know the proper
> etiquette for providing patches. For now I have attached the output
> generated by bzr send -o (I recon this is similar to git format-patch?)
> to this email, but if you prefer a different style (inline, as
> attachments in the bugtracker, ...), please let me know.
>
> _______________________________________________
> LightDM mailing list
> LightDM at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/lightdm
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/lightdm/attachments/20140205/ba17ca60/attachment.html>

More information about the LightDM mailing list