Bug 301031
Summary: | Smart Card Login card detection problems | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jack Magne <jmagne> |
Component: | gdm | Assignee: | Ray Strode [halfline] <rstrode> |
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | blord, rrelyea |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-09-27 18:44:47 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 235704 |
Description
Jack Magne
2007-09-21 18:53:27 UTC
sounds like the smart card detection code has bit rotten. Adding to F8Target I've done some investigation of the gdm side of the problem. It appears that this is some sort of configuration issue. The following code from "daemon/gdm.c" is not working. static void gdm_watch_for_security_tokens (void) { GError *error; ScSecurityTokenMonitor *monitor; gchar *driver; GKeyFile *cfg; cfg = g_key_file_new (); if (!g_key_file_load_from_file (cfg, GDM_SECURITY_TOKENS_CONF, 0, NULL)) { goto out; } if (!g_key_file_get_boolean (cfg, GDM_SECURITY_TOKENS_GROUP, GDM_SECURITY_TOKENS_KEY_ENABLED, NULL)) { gdm_debug ("security token support is not enabled Group: %s Enabled %s file %s",GDM_SECURITY_TOKENS_GROUP,GDM_SECURITY_TOKENS_KEY_ENABLED,GDM_SECURITY_TOKENS_CONF); goto out; } gdm_debug ("watching for security token insertion and removal events"); driver = g_key_file_get_string (cfg, GDM_SECURITY_TOKENS_GROUP, GDM_SECURITY_TOKENS_KEY_DRIVER, NULL); The line following is tripping every time in the log. gdm_debug ("security token support is not enabled Group: %s Enabled If the line "goto out" it commented out, the smart card monitoring system is started up and appears to work. I haven't quite figured out why this isn't working. It looks like the code to read in that config value was different in an earlier version of this. The config file in question is located in /etc/gdm/securitytokens.conf It looks like this: [SecurityTokens] Enable=true #Driver=/usr/lib/pkcs11/libcoolkeypk11.so The log is showing the following warning I believe after trying to read in the value: DEBUG: Attempting to parse key string: xdmcp/Enable=false Hopefully a similar problem is happening with the screensaver. Shouldn't that be Enabled=true instead of Enable=true? What's the value of GDM_SECURITY_TOKENS_KEY_ENABLED ? The value of GDM_SECURITY_TOKENS_KEY_ENABLED is "Enabled" I will try that suggestion. I've also noted that in the previous distro, the config file looks the same with "Enable=true" as the value set in the file. turns out we've always gotten the config file wrong, so it's fallen back to the compiled in default value (which was what the config file was supposed to have in it). At some point the patch got updated to use a different config file parsing api, and the compiled in default changed. anyway, it's now failing because coolkey isn't in secmod. Jack mentioned there is a different bug tracking that, so i'm going to close this one RAWHIDE. |