Bug 182350

Summary: pam_unix.so auth entry in system-auth should be created with try_first_pass
Product: [Fedora] Fedora Reporter: Jon Nettleton <jon.nettleton>
Component: authconfigAssignee: Tomas Mraz <tmraz>
Status: CLOSED RAWHIDE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-03 14:06:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 150221    

Description Jon Nettleton 2006-02-21 23:01:27 UTC
Description of problem:
/etc/pam.d/system-auth is creating the pam_unix.so entry without the
try_first_pass option.  With the deprecation of pam_stack module this is needed
so having prior optional auth modules don't require a password to be typed in twice.

Version-Release number of selected component (if applicable):


How reproducible:
everytime if you have an optional auth module before the include

Steps to Reproduce:
1.edit /etc/pam.d/gdm and edit it so it looks like this

auth       required     pam_env.so
auth       optional     pam_unix.so
auth       include      system-auth
2.sudo killall gdm-binary
3.logging in as yourself will now require you to type the password twice
  
Actual results:
You have to type the password twice

Expected results:
You should only have to type in a single password

Additional info:

Comment 1 Tomas Mraz 2006-03-03 14:06:36 UTC
Should be fixed in latest authconfig and pam packages.