chore: update opencode workflow and local config
This commit is contained in:
alex wiesner
43
.memory/plans/luks-sddm-kwallet-login-integration.md
Normal file
43
.memory/plans/luks-sddm-kwallet-login-integration.md
Normal file
@@ -0,0 +1,43 @@
|
||||
---
|
||||
title: luks-sddm-kwallet-login-integration
|
||||
type: note
|
||||
permalink: dotfiles/plans/luks-sddm-kwallet-login-integration
|
||||
tags:
|
||||
- auth
|
||||
- sddm
|
||||
- kwallet
|
||||
- luks
|
||||
---
|
||||
|
||||
# LUKS / SDDM / KWallet login integration
|
||||
|
||||
## Goal
|
||||
Configure the system so login feels unified across LUKS boot unlock, SDDM, and KWallet.
|
||||
|
||||
## Clarified scope
|
||||
- [decision] User selected **Password login** instead of true SDDM autologin because password login preserves KWallet PAM unlock.
|
||||
- [decision] User selected **Just document commands** instead of expanding repo scope to manage `/etc` files directly.
|
||||
- [decision] Deliverable is repo documentation with exact manual system commands/edits; no tracked `/etc` files will be added in this change.
|
||||
|
||||
## Discovery
|
||||
- Dotfiles repo contains user-space config only; system auth files live outside the repo.
|
||||
- Current system already references `pam_kwallet5.so` in `/etc/pam.d/sddm` and `/etc/pam.d/sddm-autologin`, but the module is missing and silently skipped.
|
||||
- `kwallet-pam` is available in Arch repos and should provide the current PAM module for KWallet 6.
|
||||
- LUKS unlock and SDDM login are independent phases; there is no direct password handoff from initramfs to SDDM.
|
||||
- True SDDM autologin conflicts with password-based KWallet unlock because no login password is available to PAM during autologin.
|
||||
|
||||
## Tasks
|
||||
- [ ] Write documentation for package install and PAM edits needed for SDDM/KWallet integration
|
||||
- [ ] Document wallet initialization and verification steps
|
||||
- [ ] Review documentation for correctness and scope alignment
|
||||
- [ ] Validate documented commands against current system state where possible
|
||||
- [ ] Check documentation coverage/placement in repo
|
||||
|
||||
## Acceptance criteria
|
||||
- README documents the exact package install step and the exact PAM module substitutions needed.
|
||||
- README explicitly states that password login is the chosen model and true SDDM autologin is not part of this setup.
|
||||
- README includes KWallet initialization and verification steps suitable for this Arch + Hyprland + SDDM setup.
|
||||
- Reviewer/tester/librarian passes are recorded before completion.
|
||||
|
||||
## Workstream
|
||||
- Single workstream in the main repo working tree.
|
||||
Reference in New Issue
Block a user