Version: (using KDE 4.1.4) Compiler: Sun Studio 12 OS: Solaris Installed from: Solaris Packages Unlocking a locked screen with correct password results in following error message: "Cannot unlock the session because authentication system failed to work; you must kill krunner_lock (pid X,XXX) manually." This is with chmod +s on kcheckpass. Executing the following dtrace script often positively affects the behavior (the screen gets unlocked): # /opt/DTT/dtruss -n kcheckpass
Still valid in 4.2.96.
Suggested patches: --- kcheckpass/checkpass_pam.c.orig 2008-05-07 11:05:23.000000000 +0200 +++ kcheckpass/checkpass_pam.c 2009-07-18 10:07:07.278635793 +0200 @@ -38,12 +38,12 @@ int classic:1; }; -#ifdef PAM_MESSAGE_NONCONST -typedef struct pam_message pam_message_type; -typedef void *pam_gi_type; -#else +#ifdef PAM_MESSAGE_CONST typedef const struct pam_message pam_message_type; typedef const void *pam_gi_type; +#else +typedef struct pam_message pam_message_type; +typedef void *pam_gi_type; #endif static int $ svn diff kdebase/workspace/README.pam Index: kdebase/workspace/README.pam =================================================================== --- kdebase/workspace/README.pam (revision 998614) +++ kdebase/workspace/README.pam (working copy) @@ -13,8 +13,8 @@ Known Solaris Issues: -------------------- -For compiling PAM support on Solaris, PAM_MESSAGE_NONCONST must -be defined. This should now be handled automatically by the +For compiling PAM support on Solaris, PAM_MESSAGE_CONST must NOT +be defined. This should now be handled automatically by the configure script. === The configure script defines PAM_MESSAGE_CONST, not PAM_MESSAGE_NONCONST.
SVN commit 1031391 by ossi: fix kcheckpass on solaris PAM_MESSAGE_NONCONST was transformed into !PAM_MESSAGE_CONST quite a while ago. BUG: 184465 M +2 -2 README.pam M +4 -4 kcheckpass/checkpass_pam.c WebSVN link: http://websvn.kde.org/?view=rev&revision=1031391
Reopening, since while the integrated fix corrected kcheckpass binary, it didn't solve the screen locker issue in description. While trying to find the root cause, I believe it's a lot like the following: http://lists.xcf.berkeley.edu/lists/gimp-developer/2000-November/013572.html I managed to work around the problem on OpenSolaris with the following patch, however this might break the behaviour on Linux. It would be good to come up with something portable. --- krunner/lock/lockdlg.cc.orig 2010-01-24 04:40:03.680732515 +0100 +++ krunner/lock/lockdlg.cc 2010-01-24 04:44:09.398214340 +0100 @@ -319,7 +319,26 @@ sNot->deleteLater(); ::close( sFd ); int status; - ::waitpid( sPid, &status, 0 ); + + /* On Solaris, the following ::waitpid is immediately interrupted, + * making it fail with EINTR. No status is obtained, even if kcheckpass + * returns 0 (AuthOk). As a result, user won't be able to unlock the screen. + * + * Let's grab the signal by sleep(), before we find a nicer solution. + */ + sleep(10); + + pid_t wpid; + wpid = ::waitpid( sPid, &status, 0 ); + if (wpid < 0) { + if (errno == EINTR) { + /* Modified version of cantCheck(). */ + greet->failed(); + static_cast< LockProcess* >(parent())->msgBox( this, QMessageBox::Critical, + "Failed to obtain status from kcheckpass child process.\n"); + abort(); + } + } else if (WIFEXITED(status)) switch (WEXITSTATUS(status)) { case AuthOk:
your patch is somewhat baroque ... :) try this instead: diff --git a/krunner/lock/lockdlg.cc b/krunner/lock/lockdlg.cc index c69371a..f9323ca 100644 --- a/krunner/lock/lockdlg.cc +++ b/krunner/lock/lockdlg.cc @@ -320,5 +320,7 @@ void PasswordDlg::reapVerify() ::close( sFd ); int status; - ::waitpid( sPid, &status, 0 ); + while (::waitpid( sPid, &status, 0 ) < 0) + if (errno != EINTR) // This should not happen ... + goto authBad; if (WIFEXITED(status)) switch (WEXITSTATUS(status)) { @@ -328,4 +330,5 @@ void PasswordDlg::reapVerify() return; case AuthBad: + authBad: greet->failed(); mUnlockingFailed = true; anyway, it's well within the possibilities that you just debugged bug 217882. :D
(In reply to comment #5) > your patch is somewhat baroque ... :) As long as it serves its purpose ... > diff --git a/krunner/lock/lockdlg.cc b/krunner/lock/lockdlg.cc > index c69371a..f9323ca 100644 > --- a/krunner/lock/lockdlg.cc > +++ b/krunner/lock/lockdlg.cc > @@ -320,5 +320,7 @@ void PasswordDlg::reapVerify() > ::close( sFd ); > int status; > - ::waitpid( sPid, &status, 0 ); > + while (::waitpid( sPid, &status, 0 ) < 0) > + if (errno != EINTR) // This should not happen ... > + goto authBad; > if (WIFEXITED(status)) > switch (WEXITSTATUS(status)) { > @@ -328,4 +330,5 @@ void PasswordDlg::reapVerify() > return; > case AuthBad: > + authBad: > greet->failed(); > mUnlockingFailed = true; > Thanks, this works in my test environment just fine. Are you about to commit it? > anyway, it's well within the possibilities that you just debugged bug 217882. > :D Cool :)
SVN commit 1082437 by ossi: waitpid() may get INTerRupted BUG: 184465 CCBUG: 217882 M +5 -1 lockdlg.cc WebSVN link: http://websvn.kde.org/?view=rev&revision=1082437