(based on these two blog entries and inspired by Fedora-Blog)
First install pam_kwallet:
sudo zypper in pam_kwallet
Then edit the files /etc/pam.d/passwd
, /etc/pam.d/login
and /etc/pam.d/sddm
as follows, i.e. add the lines beginning with a -
(the hyphens are valid PAM syntax to reduce log entries if these PAM modules should not exist) and ending with the ### comment
:
/etc/pam.d/passwd :
#%PAM-1.0
auth include common-auth
-auth optional pam_kwallet5.so kdehome=.local/share # Add this line
account include common-account
password include common-password
session include common-session
/etc/pam.d/login :
#%PAM-1.0
auth requisite pam_nologin.so
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
#session optional pam_lastlog.so nowtmp showfailed
session optional pam_mail.so standard
-session optional pam_kwallet5.so auto_start # Add this line
/etc/pam.d/sddm :
#%PAM-1.0
-auth optional pam_kwallet5.so kdehome=.local/share # Add this line
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
-session optional pam_kwallet5.so auto_start # Add this line
Now log out and in again to see if you do not have to type in your kwallet password.
Just hit the same problem after upgrading to LEAP 15.1 and libgcrypt20-1.8.2-lp151.8.1.
Exact commands to downgrade to v 1.8.2-lp150.5.3.1 and lock the broken version can be found here.