I need help with merging /etc/pam.d/sddm.pacnew

Support
1

I managed today all my pacnew files, but in /etc/pam.d/sddm this is another level.

I have absolute no clue, whats going on there…

SDDM
SDDM2560×1396 109 KB

Here are also the code from the sddm.pacnew file:

auth        include     system-login
-auth       optional    pam_gnome_keyring.so
-auth       optional    pam_kwallet5.so

account     include     system-login

password    include     system-login
-password   optional    pam_gnome_keyring.so    use_authtok

session     optional    pam_keyinit.so          force revoke
session     include     system-login
-session    optional    pam_gnome_keyring.so    auto_start
-session    optional    pam_kwallet5.so         auto_start

$ inxi --admin --verbosity=7 --filter --no-host --width:

System:
  Kernel: 6.1.44-1-MANJARO arch: x86_64 bits: 64 compiler: gcc v: 13.2.1
    parameters: BOOT_IMAGE=/vmlinuz-6.1-x86_64
    root=UUID=eb235aa7-d461-413d-800e-ea57385703fb rw quiet
    sysrq_always_enabled=1 retbleed=off
    resume=UUID=717b267e-7322-4bf9-a840-f1210d422d1a udev.log_priority=3
  Desktop: KDE Plasma v: 5.27.7 tk: Qt v: 5.15.10 wm: kwin_x11 vt: 2 dm: SDDM
    Distro: Manjaro Linux base: Arch Linux
Machine:
  Type: Desktop System: Gigabyte product: Z170X-UD3 v: N/A
    serial: <superuser required>
  Mobo: Gigabyte model: Z170X-UD3-CF v: x.x serial: <superuser required>
    UEFI-[Legacy]: American Megatrends v: F23d date: 12/01/2017
Memory:
  System RAM: total: 16 GiB available: 15.58 GiB used: 2.44 GiB (15.7%)
  RAM Report: permissions: Unable to run dmidecode. Root privileges required.
CPU:
  Info: model: Intel Core i7-6700K bits: 64 type: MT MCP arch: Skylake-S
    gen: core 6 level: v3 note: check built: 2015 process: Intel 14nm family: 6
    model-id: 0x5E (94) stepping: 3 microcode: 0xF0
  Topology: cpus: 1x cores: 4 tpc: 2 threads: 8 smt: enabled cache:
    L1: 256 KiB desc: d-4x32 KiB; i-4x32 KiB L2: 1024 KiB desc: 4x256 KiB
    L3: 8 MiB desc: 1x8 MiB
  Speed (MHz): avg: 4125 high: 4500 min/max: 800/4700 scaling:
    driver: intel_pstate governor: performance cores: 1: 4000 2: 4000 3: 4000
    4: 4500 5: 4000 6: 4000 7: 4500 8: 4000 bogomips: 64026
  Flags: 3dnowprefetch abm acpi adx aes aperfmperf apic arat
    arch_capabilities arch_perfmon art avx avx2 bmi1 bmi2 bts clflush
    clflushopt cmov constant_tsc cpuid cpuid_fault cx16 cx8 de ds_cpl dtes64
    dtherm dts ept ept_ad erms est f16c flexpriority flush_l1d fma fpu
    fsgsbase fxsr ht hwp hwp_act_window hwp_epp hwp_notify ibpb ibrs ida
    intel_pt invpcid invpcid_single lahf_lm lm mca mce md_clear mmx monitor
    movbe mpx msr mtrr nonstop_tsc nopl nx pae pat pbe pcid pclmulqdq pdcm
    pdpe1gb pebs pge pln pni popcnt pse pse36 pti pts rdrand rdseed rdtscp
    rep_good sdbg sep smap smep ss ssbd sse sse2 sse4_1 sse4_2 ssse3 stibp
    syscall tm tm2 tpr_shadow tsc tsc_adjust tsc_deadline_timer vme vmx vnmi
    vpid x2apic xgetbv1 xsave xsavec xsaveopt xsaves xtopology xtpr
  Vulnerabilities:
  Type: gather_data_sampling status: Not affected
  Type: itlb_multihit status: KVM: VMX disabled
  Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT
    vulnerable
  Type: mds mitigation: Clear CPU buffers; SMT vulnerable
  Type: meltdown mitigation: PTI
  Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable
  Type: retbleed status: Vulnerable
  Type: spec_rstack_overflow status: Not affected
  Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via
    prctl
  Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer
    sanitization
  Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW,
    STIBP: conditional, RSB filling, PBRSB-eIBRS: Not affected
  Type: srbds mitigation: Microcode
  Type: tsx_async_abort mitigation: TSX disabled
Graphics:
  Device-1: NVIDIA TU102 [GeForce RTX 2080 Ti Rev. A] vendor: Micro-Star MSI
    driver: nvidia v: 535.98 alternate: nouveau,nvidia_drm non-free: 535.xx+
    status: current (as of 2023-07) arch: Turing code: TUxxx
    process: TSMC 12nm FF built: 2018-22 pcie: gen: 3 speed: 8 GT/s lanes: 16
    bus-ID: 01:00.0 chip-ID: 10de:1e07 class-ID: 0300
  Display: x11 server: X.Org v: 21.1.8 compositor: kwin_x11 driver: X:
    loaded: nvidia gpu: nvidia display-ID: :0 screens: 1
  Screen-1: 0 s-res: 2560x1440 s-dpi: 122 s-size: 532x302mm (20.94x11.89")
    s-diag: 612mm (24.08")
  Monitor-1: DP-4 res: 2560x1440 dpi: 123 size: 527x296mm (20.75x11.65")
    diag: 604mm (23.8") modes: N/A
  API: OpenGL v: 4.6.0 NVIDIA 535.98 renderer: NVIDIA GeForce RTX 2080
    Ti/PCIe/SSE2 direct-render: Yes
Audio:
  Device-1: Intel 100 Series/C230 Series Family HD Audio vendor: Gigabyte
    driver: snd_hda_intel v: kernel bus-ID: 00:1f.3 chip-ID: 8086:a170
    class-ID: 0403
  Device-2: NVIDIA TU102 High Definition Audio vendor: Micro-Star MSI
    driver: snd_hda_intel v: kernel pcie: gen: 3 speed: 8 GT/s lanes: 16
    bus-ID: 01:00.1 chip-ID: 10de:10f7 class-ID: 0403
  Device-3: Creative Labs CA0132 Sound Core3D [Sound Blaster Recon3D /
    Z-Series BlasterX AE-5 Plus] driver: snd_hda_intel v: kernel pcie: gen: 1
    speed: 2.5 GT/s lanes: 1 bus-ID: 0b:00.0 chip-ID: 1102:0012 class-ID: 0403
  API: ALSA v: k6.1.44-1-MANJARO status: kernel-api with: aoss
    type: oss-emulator tools: alsactl,alsamixer,amixer
  Server-1: JACK v: 1.9.22 status: off tools: N/A
  Server-2: PipeWire v: 0.3.77 status: off with: pipewire-media-session
    status: active tools: pw-cli
  Server-3: PulseAudio v: 16.1 status: active with: 1: pulseaudio-alsa
    type: plugin 2: pulseaudio-jack type: module tools: pacat,pactl
Network:
  Device-1: Intel Ethernet I219-V vendor: Gigabyte driver: e1000e v: kernel
    port: N/A bus-ID: 00:1f.6 chip-ID: 8086:15b8 class-ID: 0200
  IF: enp0s31f6 state: up speed: 1000 Mbps duplex: full mac: <filter>
  IP v4: <filter> type: dynamic noprefixroute scope: global
    broadcast: <filter>
  IP v6: <filter> type: noprefixroute scope: link
  WAN IP: <filter>
Bluetooth:
  Message: No bluetooth data found.
Logical:
  Message: No logical block device data found.
RAID:
  Message: No RAID data found.
Drives:
  Local Storage: total: 5.93 TiB used: 310.08 GiB (5.1%)
  SMART Message: Unable to run smartctl. Root privileges required.
  ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Corsair model: MP600 PRO LPX
    size: 1.82 TiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s
    lanes: 4 tech: SSD serial: <filter> fw-rev: EIFM31.6 temp: 39.9 C
    scheme: GPT
  ID-2: /dev/sda maj-min: 8:0 vendor: Samsung model: SSD 860 PRO 1TB
    size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
    tech: SSD serial: <filter> fw-rev: 2B6Q scheme: MBR
  ID-3: /dev/sdb maj-min: 8:16 vendor: HGST (Hitachi) model: HDN724030ALE640
    size: 2.73 TiB block-size: physical: 4096 B logical: 512 B speed: 6.0 Gb/s
    tech: HDD rpm: 7200 serial: <filter> fw-rev: A5E0 scheme: GPT
  ID-4: /dev/sdc maj-min: 8:32 vendor: Samsung model: Portable SSD T5
    size: 465.76 GiB block-size: physical: 512 B logical: 512 B type: USB
    rev: 3.1 spd: 5 Gb/s lanes: 1 mode: 3.2 gen-1x1 tech: SSD serial: <filter>
    scheme: MBR
  Message: No optical or floppy data found.
Partition:
  ID-1: / raw-size: 88.61 GiB size: 86.66 GiB (97.80%) used: 28.75 GiB (33.2%)
    fs: ext4 dev: /dev/sdc1 maj-min: 8:33 label: N/A
    uuid: eb235aa7-d461-413d-800e-ea57385703fb
  ID-2: /boot raw-size: 200 MiB size: 188.2 MiB (94.09%)
    used: 117.3 MiB (62.3%) fs: ext3 dev: /dev/sdc3 maj-min: 8:35 label: N/A
    uuid: 26eda82e-b403-49b8-abca-202167417020
  ID-3: /home raw-size: 332.03 GiB size: 325.75 GiB (98.11%)
    used: 6.51 GiB (2.0%) fs: ext4 dev: /dev/sdc4 maj-min: 8:36 label: N/A
    uuid: ada4a6a2-bd0a-4652-b386-7c637bba7ee9
  ID-4: /media/nvme-games raw-size: 1.82 TiB size: 1.79 TiB (98.37%)
    used: 261.59 GiB (14.3%) fs: ext4 dev: /dev/nvme0n1p1 maj-min: 259:1
    label: nvme-games uuid: 423e0b4c-a042-4ca4-9b01-f066f692d375
  ID-5: /media/temp raw-size: 63.48 GiB size: 62.18 GiB (97.96%)
    used: 13.12 GiB (21.1%) fs: ext4 dev: /dev/sdb1 maj-min: 8:17 label: temp
    uuid: 1e81b7c2-3438-438a-b572-ff8a966a78e1
Swap:
  Kernel: swappiness: 10 (default 60) cache-pressure: 100 (default)
  ID-1: swap-1 type: partition size: 7.81 GiB used: 0 KiB (0.0%) priority: -2
    dev: /dev/sdc2 maj-min: 8:34 label: N/A
    uuid: 717b267e-7322-4bf9-a840-f1210d422d1a
Unmounted:
  ID-1: /dev/sda1 maj-min: 8:1 size: 50 MiB fs: ntfs label: System-reserviert
    uuid: B2286A122869D5BF
  ID-2: /dev/sda2 maj-min: 8:2 size: 97.09 GiB fs: ntfs label: win10
    uuid: 5E60C09860C077F3
  ID-3: /dev/sda4 maj-min: 8:4 size: 782.51 GiB fs: ntfs label: games
    uuid: 165692E31D7ADAF2
  ID-4: /dev/sdb2 maj-min: 8:18 size: 1.57 TiB fs: <superuser required>
    label: N/A uuid: N/A
  ID-5: /dev/sdb3 maj-min: 8:19 size: 1.09 TiB fs: <superuser required>
    label: N/A uuid: N/A
USB:
  Hub-1: 1-0:1 info: hi-speed hub with single TT ports: 16 rev: 2.0
    speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 chip-ID: 1d6b:0002
    class-ID: 0900
  Device-1: 1-13:2 info: A4Tech XL-730K / XL-750BK XL-755BK Mice
    type: keyboard,mouse driver: hid-generic,usbhid interfaces: 2 rev: 1.1
    speed: 12 Mb/s (1.4 MiB/s) lanes: 1 mode: 1.1 power: 100mA
    chip-ID: 09da:9090 class-ID: 0301
  Hub-2: 2-0:1 info: super-speed hub ports: 10 rev: 3.0
    speed: 5 Gb/s (596.0 MiB/s) lanes: 1 mode: 3.2 gen-1x1 chip-ID: 1d6b:0003
    class-ID: 0900
  Device-1: 2-5:2 info: Samsung Portable SSD T5 type: mass storage
    driver: uas interfaces: 1 rev: 3.1 speed: 5 Gb/s (596.0 MiB/s) lanes: 1
    mode: 3.2 gen-1x1 power: 896mA chip-ID: 04e8:61f5 class-ID: 0806
    serial: <filter>
  Hub-3: 3-0:1 info: hi-speed hub with single TT ports: 2 rev: 2.0
    speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 chip-ID: 1d6b:0002
    class-ID: 0900
  Hub-4: 4-0:1 info: super-speed hub ports: 4 rev: 3.1
    speed: 10 Gb/s (1.16 GiB/s) lanes: 1 mode: 3.2 gen-2x1 chip-ID: 1d6b:0003
    class-ID: 0900
  Hub-5: 5-0:1 info: hi-speed hub with single TT ports: 2 rev: 2.0
    speed: 480 Mb/s (57.2 MiB/s) lanes: 1 mode: 2.0 chip-ID: 1d6b:0002
    class-ID: 0900
  Hub-6: 6-0:1 info: super-speed hub ports: 2 rev: 3.1
    speed: 10 Gb/s (1.16 GiB/s) lanes: 1 mode: 3.2 gen-2x1 chip-ID: 1d6b:0003
    class-ID: 0900
Sensors:
  System Temperatures: cpu: 39.0 C mobo: N/A gpu: nvidia temp: 46 C
  Fan Speeds (RPM): N/A gpu: nvidia fan: 25%
Info:
  Processes: 239 Uptime: 1h 29m wakeups: 2 Init: systemd v: 253
  default: graphical tool: systemctl Compilers: gcc: 13.2.1 clang: 15.0.7
  Packages: 1508 pm: pacman pkgs: 1501 libs: 430 tools: pamac pm: flatpak
  pkgs: 7 Shell: Bash v: 5.1.16 running-in: konsole inxi: 3.3.28
2

I have looked at that .pacnew when it came down the pike and I simply deleted it. All it contains is what was already in the old /etc/pam.d/sddm plus a number of things listed as optional and referring to GNOME components only.

:man_shrugging:

1 Like
3

Yeah i wonder also there was gnome stuff.
I also dont use Kwallet, as far im aware of.

I see some lines starting with “-” is this may some kind of “#” thats deactivate the line?

Since i dont use Kwallet5, could this been an security improvement?

4

It means “Try loading this module, but don’t complain if it doesn’t exist.” So basically, it means that it’s optional.

1 Like
5

Okay thanks, i let it unmerged then.

1 Like
6

Rule of thumb: If you have never made any changes to that file, accept the new defaults. Anything else is unsupported.

1 Like
7

A survey could reveal if anyone pays attention to pacnews in stable branch. :see_no_evil: :hear_no_evil: :speak_no_evil:

8

The survey was that round of updates that required intervention (removal of community repo) which revealed the majority do not, and had never managed them … and one was phil :sweat_smile:

2 Likes
9

I think what’s missing are more practical examples how to handle pacnews. The principle approach is well described in the wiki but it’s not helping much in the specific case. Why not opening a new chapter “Pacnew Management Examples” in the “Announcement” category with a short tutorial and an area giving TL3 members the chance to post examples?

1 Like
10

And i was one of them.
The truth is also, that i didnt managed my pacnew files for whole 3 years (for 2 systems), till yesterday.

I never run into problems and even after i compared and merged them (it was 13 files actually on my PC and 7 files on my Laptop) now. 80% of this files had entries and changes only behind a # and it was just alot eye candy or was only there because i have custom settings and the pacnew file was only there to complain to revert it back to default.

On the other hand this other 20% are leading now to a “maybe” more secured OS or is “maybe” atleast more stable for the coming updates… but who knows.

11

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.