#3165 login using gdm calls for gdm-smartcard when smartcard authentication is not enabled
Closed: Fixed None Opened 3 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1371631

Description of problem:
gdm calls for gdm-smartcard when smartcard authentication is not enabled

Version-Release number of selected component (if applicable):
gdm-3.14.2-18.el7.x86_64

How reproducible:
always

Steps to Reproduce:
1. Install ipa-client and enable smartcard login using sssd by making the
following change in sssd.conf

[pam]
pam_cert_auth = True

2. Trust the signing certs associated with the smartcard under /etc/pki/nssdb

3. Login using smartcard

4. Screen locks due to inactivity

5. login attempt prompts for pin

Actual results:
Auth fails

Expected results:
Auth should be successful

Additional info:

Seeing the following in /var/log/secure

Aug 30 11:48:00 dhcp129-53 gdm-smartcard]: pam_pkcs11(gdm-smartcard:auth): no
valid certificate which meets all requirements found

/etc/dconf/db/distro.d/10-authconfig says enable-smartcard-authentication=false

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
patch: 0 => 1
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.14.2

Fields changed

owner: somebody => sbose

Fields changed

resolution: => fixed
status: new => closed

Metadata Update from @jhrozek:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.14.2

2 years ago

Login to comment on this ticket.

Metadata