Description of problem: If we have logged in with a particular smart card, an environment variable is set. pam_pkcs11 needs to examine that variable and not allow additional authentications unless it is with that particular smart card. Version-Release number of selected component (if applicable): FC6 test 2, devel
*** Bug 202264 has been marked as a duplicate of this bug. ***
*** Bug 195958 has been marked as a duplicate of this bug. ***
Fixed in pam_pkcs11-0.5.3-17
Release Criteria match 16.d
I tried again on my i386 box and I can definitely reproduce this bug there too now. The main difference between my current i386 box and my x86_84 box is that my x86_64 box doesn't lock when the smart card is removed due to bug#208018 and to reproduce this bug there I have to manually lock the screen. Steps to Reproduce: 1. From the menu; System -> Administration -> Authentication -> Authentication tab 2. Configure Smart Card -> Card Removal Action -> Lock 3. Log in with a smart card 4. Remove the smart card 5. Re-insert the smart card 6. Type Kerberos ID to login I can login with kerberos ID after first logging in with a Smart Card. This should not be allowed. REOPEN - FAILS_QA
Fixed in pam_pkcs11-0.5.3-21
$ rpm -qa | grep pam_pkcs11 pam_pkcs11-0.5.3-22 pam_pkcs11-0.5.3-22 VERIFIED fixed against 20061006.2
Closing out as included in latest RHEL5 builds (20061111.0)