Have you enabled SELinux?
Are you seeing messages similar to the following in the systemd Journal?
- This system is Leap 16.0 with SELinux and SDDM executing on Wayland – this General Chat topic: <KDE Plasma - Going all-in on a Wayland future>
Dez 19 09:24:44 (systemd)[1949]: pam_unix(systemd-user:session): session opened for user xxx(uid=1001) by xxx(uid=0)
Dez 19 09:24:44 (systemd)[1949]: pam_kwallet5(systemd-user:session): pam_kwallet5: not a graphical session, skipping. Use force_run parameter to ignore this.
Dez 19 09:24:44 systemd[1949]: Queued start job for default target Main User Target.
Dez 19 09:24:44 sddm-helper[1942]: pam_unix(sddm:session): session opened for user xxx(uid=1001) by xxx(uid=0)
Dez 19 09:24:44 systemd[1949]: Created slice User Application Slice.
Dez 19 09:24:44 sddm-helper[1942]: pam_kwallet5(sddm:session): pam_kwallet5: pam_sm_open_session
Dez 19 09:24:44 sddm-helper[1974]: pam_kwallet5: Couldn't create directory: /home/xxx because: 13-Keine Berechtigung
Dez 19 09:24:44 sddm-helper[1974]: pam_kwallet5: Couldn't open file: /home/xxx/.local/share/kwalletd/kdewallet.salt because: 13-Keine Berechtigung
Dez 19 09:24:44 sddm-helper[1942]: pam_kwallet5(sddm:session): pam_kwallet5: Couldn't create salt file
Dez 19 09:24:44 sddm-helper[1975]: pam_kwallet5: Failed to ensure /home/xxx/.local/share/kwalletd/kdewallet.salt looks like a salt file
Dez 19 09:24:44 systemd[1949]: Reached target Paths.
Dez 19 09:24:44 sddm-helper[1942]: pam_kwallet5(sddm:session): pam_kwallet5: Couldn't read salt file
Dez 19 09:24:44 systemd[1949]: Reached target Timers.
Dez 19 09:24:44 sddm-helper[1942]: pam_kwallet5-kwalletd: Couldn't create or read the salt file
Dez 19 09:24:44 systemd[1949]: Starting D-Bus User Message Bus Socket...
Dez 19 09:24:44 sddm-helper[1942]: pam_kwallet5(sddm:session): pam_kwallet5: Fail into creating the hash
Dez 19 09:24:44 systemd[1949]: Listening on GnuPG network certificate management daemon.
Dez 19 09:24:44 sddm-helper[1736]: pam_unix(sddm-greeter:session): session closed for user sddm
Dez 19 09:24:44 sddm-helper[1736]: pam_kwallet5(sddm-greeter:session): pam_kwallet5: pam_sm_close_session
You may have to simply set the password of the KWallet “kdewallet” to nothing – empty:
- Simply open the “Change password” dialogue and hit “OK” – “Do it!” – without entering any password characters …
Further information is available in your SELinux Audit:
# ausearch -c 'sddm-helper' --raw
type=AVC msg=audit(1761734137.190:332): avc: denied { getattr } for pid=43640 comm="sddm-helper" path="/home01/yyy/.local/share/kwalletd/kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1761734137.190:333): avc: denied { remove_name } for pid=43640 comm="sddm-helper" name="kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1761734137.190:334): avc: denied { write } for pid=43640 comm="sddm-helper" name="kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1761734137.195:335): avc: denied { getattr } for pid=43641 comm="sddm-helper" path="/home01/yyy/.local/share/kwalletd/kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1761734137.353:337): avc: denied { add_name } for pid=43642 comm="sddm-helper" name="wayland-session.log" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1761734137.354:338): avc: denied { write } for pid=43642 comm="sddm-helper" name="wayland-session.log" dev="sdb3" ino=630 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1761758848.417:309): avc: denied { getattr } for pid=6365 comm="sddm-helper" path="/home01/yyy/.local/share/kwalletd/kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
type=AVC msg=audit(1761758848.417:310): avc: denied { remove_name } for pid=6365 comm="sddm-helper" name="kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1761758848.417:311): avc: denied { write } for pid=6365 comm="sddm-helper" name="kdewallet.salt" dev="sdb3" ino=6442451460 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0
.
.
.
#
I’m currently trying to investigate this issue properly and will eventually raise a Bug Report in the New Year.
- Once I’ve worked out how to formulate the Bug Report’s content.
- I’ve tried the suggested SELinux actions to produce a new Security definition but, haven’t had any success to date.