Description of problem: New F21 install with stock sddm config: # cat /etc/pam.d/sddm auth [success=done ignore=ignore default=bad] pam_selinux_permit.so auth substack password-auth -auth optional pam_gnome_keyring.so -auth optional pam_kwallet.so auth include postlogin account required pam_nologin.so account include password-auth password include password-auth session required pam_selinux.so close session required pam_loginuid.so session optional pam_console.so -session optional pam_ck_connector.so session required pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_namespace.so session include password-auth -session optional pam_gnome_keyring.so auto_start -session optional pam_kwallet.so session include postlogin but wallet is not opened automatically. There was at least one report a while back on the kde list that the gnome keyring was not being opened either, so perhaps it just is not processing PAM correctly. Version-Release number of selected component (if applicable): sddm-0.2.0-0.31.20140627gitf49c2c79.fc21.x86_64 pam-kwallet-0-0.4.20140428gitaf786456.fc21.x86_64
I'm seeing this too. Just a data point /var/log/audit/audit.log includes some perhaps relavent success messages: type=USER_AUTH msg=audit(1410517707.399:347): pid=1134 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantor=pam_unix,pam_kwallet acct="rdieter1" exe="/usr/libexec/sddm-helper" hostname=? addr=? terminal=? res=success' type=USER_ACCT msg=audit(1410517707.402:348): pid=1134 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantor=pam_unix,pam_localuser acct="rdieter1" exe="/usr/libexec/sddm-helper" hostname=? addr=? terminal=? res=success' type=AVC msg=audit(1410517707.408:349): avc: denied { write } for pid=1106 comm="sddm" name="sddm.conf" dev="sda4" ino=6160881 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 type=CRED_ACQ msg=audit(1410517707.409:350): pid=1134 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantor=pam_unix,pam_kwallet acct="rdieter1" exe="/usr/libexec/sddm-helper" hostname=? addr=? terminal=? res=success' type=LOGIN msg=audit(1410517707.409:351): pid=1134 uid=0 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 old-ses=4294967295 ses=1 res=1 type=USER_ROLE_CHANGE msg=audit(1410517707.508:352): pid=1134 uid=0 auid=1000 ses=1 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/libexec/sddm-helper" hostname=? addr=? terminal=:0 res=success' type=USER_ACCT msg=audit(1410517707.530:353): pid=1139 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:accounting grantor=pam_unix,pam_localuser acct="rdieter1" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=USER_START msg=audit(1410517707.531:354): pid=1139 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:session_open grantor=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="rdieter1" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=SERVICE_START msg=audit(1410517707.539:355): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="user@1000" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=USER_START msg=audit(1410517707.565:356): pid=1134 uid=0 auid=1000 ses=1 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantor=pam_selinux,pam_loginuid,pam_selinux,pam_keyinit,pam_namespace,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_kwallet,pam_lastlog acct="rdieter1" exe="/usr/libexec/sddm-helper" hostname=? addr=? terminal=:0 res=success'
sddm-0.9.0-1.20141007git6a28c29b.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/sddm-0.9.0-1.20141007git6a28c29b.fc21
sddm-0.9.0-1.20141007git6a28c29b.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/sddm-0.9.0-1.20141007git6a28c29b.fc20
sddm-0.9.0-1.20141007git6a28c29b.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/sddm-0.9.0-1.20141007git6a28c29b.fc19
Package sddm-0.9.0-1.20141007git6a28c29b.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing sddm-0.9.0-1.20141007git6a28c29b.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-12308/sddm-0.9.0-1.20141007git6a28c29b.fc20 then log in and leave karma (feedback).
This still doesn't work for me with sddm-0.9.0-2.20141007git6a28c29b.fc21.x86_64 after logging in, and networkmanager asks for opening kwallet, kwallet isn't opened by default?
It's not working yet for me either, I'll dig some more to see if I can find out what's going wrong.
I'm pretty sure this was working for me for a while, but has stopped again recently. However, sddm is started kwalletd: sddm-helper(1039)─┬─kwalletd(1109) ├─startkde(1114)─┬─kwrapper4(1354) │ └─ssh-agent(1155) But I end up with two kwalletd processes: orion 1109 1039 0 21:17 ? 00:00:00 /usr/bin/kwalletd --pam-login 20 24 orion 1590 1 0 21:17 ? 00:00:00 kdeinit4: kwalletd [kdeinit] $ grep -E 'wallet|ssh' .xsession-errors klauncher(1277)/kio (KLauncher) KLauncher::processRequestReturn: "/bin/ssh-add" (pid 1562) up and running. ksshaskpass(1563)/kdeui (Wallet) KWallet::Wallet::openWallet: Pass a valid window to KWallet::Wallet::openWallet(). klauncher(1277)/kio (KLauncher) KLauncher::processRequestReturn: "/bin/kwalletd" (pid 1589) up and running. ksshaskpass(1563)/kdeui (Wallet) KWallet::KWalletDLauncher::getInterface: The kwalletd service has been registered kwalletd(1590)/kdeui (Wallet) kdemain: kwalletd started kwalletd(1590)/kdeui (Wallet) kdemain: Not pam login kwalletd(1590) KWallet::Backend::setPassword: Setting useNewHash to true kwalletd(1590) KWallet::Backend::openInternal: Wallet new enough, using new hash kwalletd(1590)/kdeui (Wallet) KWalletD::setupDialog: Application ' "Ksshaskpass" ' using kwallet without parent window! kwalletd(1590) KWallet::Backend::setPassword: Setting useNewHash to true kwalletd(1590) KWallet::Backend::openInternal: Wallet new enough, using new hash So we may be facing a new bug, but I'm not sure where or what. But ksshaskpass should have found the already opened wallet.
I've filed bug #1155873 for this new issue.
sddm-0.9.0-2.20141007git6a28c29b.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
sddm-0.9.0-2.20141007git6a28c29b.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.