phosh.unit should load PAM session
I'm using ecryptfs for my whole home directory, with PAM setup as described in Arch ecryptfs automount setup. It works fine when logging in from GDM or ssh, but fails when running phosh without a Display Manager.
I'm aware that phosh.unit
already pulls some PAM authentication process, but it doesn't do the session part, as mentioned in Librem5 OS issue 65, even though /etc/pam.d/phosh
contains the line :
session include system-local-login
which in turn loads said ecryptfs lines.
I wonder if it's phosh not using said line, or if it's that the session was already opened and so (supposedly) the ecryptfs unwrapping fails.
Related issues
- Librem5 OS issue 148 is about using a DM. Solving it would certainly solve this
- concerns about gnome-keyring:
- #397 says phosh should setup the PAM session part, as a means to have gnome-keyring unlocked, and links to pmos issue 823
- Librem5 OS issue 65 says mostly the same
- @guidog's MR 282 on librem5-base aims at solving said issue 65, though I didn't get if relying on PAM modifications
- pmos issue 879 describes issues having gnome-keyring unlocked when its password matches that of Full-Disk Encryption, and links to
- this comment of pmos issue 823 (part on FDE), that says if FDE's password is the same as login password phosh should do full pam login anyway
Environment
I'm running phosh in latest Arch on a pinephone.