pam_fprintd is very careful to use its own main loop context (as it
should) to prevent getting in the way of the gnome-screensaver.
Unfortunately, there's a small bug in its logic where it ends up
removing a random file descriptor from the default context. In the
bug report that file descriptor is really important. It's what
tells gnome-screensaver when to drop the dialog.
The patch is as simple as:
- g_source_remove (timeout_id);
+ g_source_destroy (source);
(g_source_remove always operates on the default context)
https://bugzilla.redhat.com/show_bug.cgi?id=614573
Pretty hacky way to detect whether the device we're handling has
been disconnected during a verify or enrollment. This should allow
us to avoid users having to wait when somebody pulls the plug.
On Mon, 2009-01-12 at 12:18 +0000, Konstantin V. Gavrilenko wrote:
> Hi Bastien,
>
> by default the fprintd installs the pam_fprintd into the /usr/lib64/security, whil egentoo searches them in /lib/security.
> So I simply simlinked it to the correct location /usr/lib64/security/pam_fprintd.so to /lib/security/pam_fprintd.so
> I've removed the symlink, and copied the file, but it does not change anything, the same error appears.
>
> As you asked, recompiled some of the packages with "-O1 -gddb" and "nostrip" options.
> #4 0x00007fa3344a3899 in dbus_connection_unref (connection=0x624e20) at dbus-connection.c:2686
> __FUNCTION__ = "dbus_connection_unref"
> #5 0x00007fa334915284 in pam_sm_authenticate (pamh=0x6105c0, flags=<value optimized out>, argc=<value optimized out>, argv=<value optimized out>) at pam_fprintd.c:375
> rhost = 0x0
> username = 0x610740 "root"
> i = <value optimized out>
> r = 0
Could you please test the attached patch?
Cheers
cd ./html && gtkdoc-mkhtml fprintd ../fprintd-docs.xml
../fprintd-docs.xml:79: element include: XInclude error : ../../COPYING
contains invalid char
../fprintd-docs.xml:79: element include: XInclude error : could not load
../../COPYING, and no fallback was found
Remove the Ctrl-L characters in the COPYING file.
- Use D-Bus native properties instead of a GetProperties call.
- Fix a number of front-ends by registering the right signals and
marshallers following the "done" signal argument addition
- Fix VerifyStart call in the pam module
This is a gross hack for PAM sessions to work as expected. root
is allowed to verify any users. If you want to allow any other
actions for root, you'll need to go through normal PolicyKit
procedures.
This should fix fingerprint authentication not working in GDM, or
on the console.
