Warning, /plasma/kwallet-pam/README.txt is written in an unsupported language. File is not indexed.
0001 How kwallet-pam works: 0002 0003 During the pam "auth" (pam_authenticate) stage the module gets the password in plain text. 0004 It hashes it against a random salt previously generated by kwallet of random data and keeps it in memory. 0005 0006 When we get to the "session" (pam_open_session) stage the pam module forks and launches kwalletd as the user with file descriptor AND a socket. 0007 We send the salted password over the file descriptor after forking and write the socket address to an env variable. 0008 0009 KWalletd recieves the pre-hashed key and then sits there doing nothing. (before the QApplication constructor) 0010 0011 Later after session startup (autostart apps phase 0) a small script passes the newly set environment from the user session to kwalletd over the socket. 0012 0013 kwalletd receives this, sets the environment variables and continues into the normal bootup. 0014 0015 The session env is needed as if we launch pre session various important env vars are not set and kwalletd is a graphical app. 0016