|
Bugzilla – Full Text Bug Listing |
| Summary: | Kwallet (with gpg key encrytion) does accept the password input to open the wallet only after about 8 repetitions | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Distribution | Reporter: | Stakanov Schufter <stakanov> |
| Component: | KDE Applications | Assignee: | E-Mail List <opensuse-kde-bugs> |
| Status: | RESOLVED WONTFIX | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P5 - None | CC: | astieger |
| Version: | Leap 42.2 | ||
| Target Milestone: | --- | ||
| Hardware: | x86-64 | ||
| OS: | openSUSE 42.2 | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Stakanov Schufter
2017-06-09 06:56:01 UTC
(In reply to Stakanov Schufter from comment #0) > This is reproducible stable to a 100% I would like to say from the beginning that if something happens on your machine, it does not mean that you have a reproduction recipe for how to recreate this situation. So, what about this: as it is reproducible at every password entry on this machine, it should be possible to document it. Once documented it, it shall be possible to understand what happens. Please advice how to create the necessary documentation (debug packages needed, commands to be run). And I will be happy to do so. P.S. sorry for having one time used the wrong email address (to ibm) for needinfo. I did not see that you are three times in the system. So will not happen again. Just base instructions how to set up an openSUSE installation (maybe in a VM) to take you to this behavior. Just basic text steps are sufficient, e.g.: install from DVD, select pattern X, open kwallet, select gpg option... and so on. Well the problem is: this was a totally standard install. And the thing happened yesterday: system did not accept the password input anymore. After a reboot the mess.
So, what logfiles from yesterday should I provide to look into it?
X-errors?
journal?
If the system is compromised by this (which is obvious) I will do a total new install. Maybe the best is to use a virtual machine every time I am on the web and throw the image away once done. Normally I am using a hardware solution, but currently it is physically broken so I need to buy a new one. Then passwordless export of kgpg is not a problem as the key cannot be exported from the token.
Sincerely I think for the sake of safety and usability, it would be good to understand what is happening here.
There is one anomalous warning in rkhunter:
mercurio (the new post account) is 1001
olpost (the renamed old post account is 1004
In rkhunter there is the following warning:
Warning: Changes found in the passwd file for user 'scard':
Warning: Changes found in the passwd file for user 'mercurio':
The UID has changed from '1001' to '1004'
Warning: User 'oldpost' has been added to the passwd file.
Warning: The SSH configuration option 'PermitRootLogin' has not been set.
The default value may be 'yes', to allow root access.
Warning: The SSH configuration option 'Protocol' has not been set.
The default value may be '2,1', to allow the use of protocol version 1.
Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
This is strange because mercurio cannot change to 1004 as it is an old and invalid account.
See also:
cat /etc/passwd | grep "/home"
connectix:x:1000:100::/home/connectix:/bin/bash
entropia:x:1002:100::/home/entropia:/bin/bash
hanyu:x:1003:100::/home/hanyu:/bin/bash
mercurio:x:1001:100::/home/mercurio:/bin/bash
oldpost:x:1004:100::/home/oldpost:/bin/bash
lastlog does not show anything strange.
And disregard this, as it is normal. I did rename mercurio. Then I did change the user ID. Later I did create a new user with the name mercurio and migrated the directory content. Then I did create a new kgpg key I then opened kontakt, imported the mail without and addresses from an archive. And I did set up from the scratch all new accounts. It worked fine for a few days and than this strange "passwordless" behavior. So the given info is probably unrelated. This is automated batch bugzilla cleanup. The openSUSE 42.2 changed to end-of-life (EOL [1]) status. As such it is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of openSUSE, or you can still observe it under openSUSE Leap 15.0, please feel free to reopen this bug against that version (see the "Version" component in the bug fields), or alternatively open a new ticket. Thank you for reporting this bug and we are sorry it could not be fixed during the lifetime of the release. [1] https://en.opensuse.org/Lifetime |