Bug#1056166: systemd-homed: `passwd` fails
Sam Hartman
hartmans at debian.org
Sun May 26 21:40:02 BST 2024
Hi.
I'm not really swapped in on Debian this weekend; dealing with a
transition for day job.
But quick thoughts.
I'm surprised that systemd-home is a pam auth module.
That is, I wouldn't expect systemd-home to be able to decide whether you
have presented valid credentials to log in.
It may be that it has an account entry point, but it's auth entry point
is trivial.
pam-auth-update assumes that you don't want to reenter a password.
So, it assumes the first module in the stack will take a password and
then we will reuse that.
Similarly for password, you don't want to for example change the ldap
and local passwords to different values.
compare the auth vs auth-initial password vs password-initial lines in
/usr/share/pam-configs/unix.
Will systemd-home work with an auth-type of additional rather than
primary?
More information about the Pkg-systemd-maintainers
mailing list