I have used LUKS encryption on KDE user logon for a while now.
A few weeks ago, I switched from SDDM to Plasma Login Manager. With this change I lost the encryption at user logon.
I setup the encryption again by adding the following two lines into the file /usr/lib/pam.d/plasmalogin.
auth optional pam_mount.so
session optional pam_mount.so
Now I have the problem that the file /usr/lib/pam.d/plasmalogin is sometimes overwritten after an update, and my changes are lost.
Which file do I need to edit so that the changes aren’t lost during an update?
Try placing the file in /etc/pam.d/ instead. That way it won’t be overwritten when you update.
4 Likes
See the above 
That is normal - never change files in the /usr/... tree.
Those files will be overwritten without warning on package update.
Is it your user’s home you have encrypted?
I think that converting your user to systemd-homed will eliminate your problem.
Hi @scotty65 and @linux-aarhus,
thank you for your answer.
No, it’s not my home directory I have encrypted.
My setup is very old and no more up to date (lucs password = user password). How to do it with modern systemd and a secure decryption with different password (e.g. in KWallet)? Do you know a easy how-to?
If you have to ask, then I would recommend staying with the old syntax — “If it ain’t broke, don’t fix it.” 
By the way, kwallet doesn’t have anything to do with booting from an encrypted drive. kwallet is only loaded after logging into Plasma.
1 Like