Description of problem:
/etc/pam.d/system-auth is creating the pam_unix.so entry without the
try_first_pass option. With the deprecation of pam_stack module this is needed
so having prior optional auth modules don't require a password to be typed in twice.
Version-Release number of selected component (if applicable):
everytime if you have an optional auth module before the include
Steps to Reproduce:
1.edit /etc/pam.d/gdm and edit it so it looks like this
auth required pam_env.so
auth optional pam_unix.so
auth include system-auth
2.sudo killall gdm-binary
3.logging in as yourself will now require you to type the password twice
You have to type the password twice
You should only have to type in a single password
Should be fixed in latest authconfig and pam packages.