[Bug 952771] Re: Gnome Screensaver should handle expired password tokens

[Robert Ancell]

Thanks urusha,

The patch looks good to me and I've put it into raring. I used your
debdiff and added a patch header (http://dep.debian.net/deps/dep3/).

This change aligns with our longer term plans to get rid of gnome-
screensaver and just use the greeter as the lock interface (the greeter
would require a password change).

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/952771

Title:
  Gnome Screensaver should handle expired password tokens

Status in GNOME Screensaver:
  New
Status in “gnome-screensaver” package in Ubuntu:
  Fix Committed

Bug description:
  Gnome Screensaver should handle expired password tokens.  Currently it does
  not. It just unlocks screen, so in case you're using kerberos -  your credentials cache stays expired and you need to manually change your password or logout and then login again (lightdm, gdm, etc. do handle expired password tokens).
  Actually, there is a mainstream bugreport with patch solving the problem, but it seems noone is interested in solving this issue:
  https://bugzilla.gnome.org/show_bug.cgi?id=648875
  The patch provided by Brian C. Huffman solves the issue and is compatible with today's GS behavior (it can be emulated using special pam config, see comment 9 there).
  Both solutions using this patch (with and without "passwd required pam_permit.so") tested by me with oneiric's gnome-screensaver-3.2.0-ubuntu1 and work as expected.
  This is really nice improvement for big corporate environments. So, It would be nice to apply this patch even if it's not in upstream 
  yet.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-screensaver/+bug/952771/+subscriptions