x11/gnome-screensaver-2.22.1 is not unlocking screen on entry of correct password.

Andrew Reilly areilly at bigpond.net.au
Mon Apr 7 07:08:04 UTC 2008

On Mon, Apr 07, 2008 at 04:36:51PM +1000, Andrew Reilly wrote:
> On Sun, Apr 06, 2008 at 01:51:13PM -0400, Joe Marcus Clarke wrote:
> > >     Joe> This is typically the case when one builds gnome-screensaver with PAM
> > >     Joe> support, but they are currently using a PAM module which requires the
> > >     Joe> executable be setuid root (e.g. pam_unix).  The only workaround is to
> > >     Joe> rebuild gnome-screensaver without PAM support, or use a different PAM
> > >     Joe> module which does not require root privileges.
> > > 
> > > I've tried copying /etc/pam.d/gdm to /etc/pam.d/gnome-screensaver, but
> > > also thats of no use. Any ideas, why is that not working inspite of
> > > /usr/local/libexec/gnome-screensaver-dialog being setuid, hmm...?
> > 
> > PAM and gnome-screensaver do not work together if you are using
> > pam_unix.  Rebuild gnome-screensaver without PAM support, and it will
> > instead read /etc/master.passwd directly to authenticate the user.  That
> > will work.

Just to add a bit more noise to this discussion: I've just re-configured
gnome-screensaver to not use PAM, and re-installed.  When doing so, I
discovered that this installs gnome-screensaver-dialog, which is setuid
root.  Clearly, that's necessary in order to look at master.passwd
directly.  Isn't the same setuid-root done when PAM is involved?



More information about the freebsd-gnome mailing list