Skip to content

fix(setup): restore MultiSelect for PAM service selection; rewrite DM descriptions#44

Open
tyvsmith wants to merge 1 commit into
mainfrom
fix/pam-setup-restore-multiselect-and-honest-dm-descriptions
Open

fix(setup): restore MultiSelect for PAM service selection; rewrite DM descriptions#44
tyvsmith wants to merge 1 commit into
mainfrom
fix/pam-setup-restore-multiselect-and-honest-dm-descriptions

Conversation

@tyvsmith
Copy link
Copy Markdown
Owner

@tyvsmith tyvsmith commented May 24, 2026

Summary

  • UX regression fix: PR feat(setup): detect display managers and screen lockers; offer per-service opt-in #43 accidentally replaced the single MultiSelect screen (all services listed with [x]/[ ] toggles, one Enter to confirm) with N sequential Confirm prompts — one per candidate service. This restores the original single-screen UX.
  • DM description rewrite: The previous descriptions appended "— declining is recommended unless you have recovery access" to GDM, SDDM, and LightDM. That framing was factually wrong and needlessly alarming — auth sufficient pam_facelock.so falls through to password auth when the module is absent or failing, so there is no lockout risk. The real concern with display managers is unverified integration, not lockout.

Changes

  • wizard_pam_setup: replaced the for-loop of Confirm prompts with a single dialoguer::MultiSelect call. Non-TTY / non-interactive mode unchanged (auto-selects per default_enabled).
  • gdm-password description: now says "integration not yet verified with GDM's auth flow" (GDM has an unusual stack — hedge retained).
  • sddm / lightdm descriptions: alarmist suffix removed; both use conventional PAM stacks.
  • default_enabled for all three DMs changed from falsetrue (consistent with sudo/polkit-1/lockers — same actual risk profile now that lockout fear is corrected).

Test plan

  • cargo fmt --all -- --check — clean
  • cargo build --workspace — passes
  • cargo test --workspace — 262 tests pass, 0 failures
  • cargo clippy --workspace -- -D warnings — clean
  • cargo run --bin facelock -- setup --help — parses correctly

Interactive TTY verification (manual — not automatable in CI):

Run cargo run --bin facelock -- setup in a terminal, advance through to the PAM step, and confirm: (a) a single MultiSelect screen appears with all detected services listed; (b) pre-checks match default_enabled (sudo/polkit-1/lockers/DMs checked, GDM checked-but-flagged); (c) space toggles, Enter confirms; (d) selections are honored downstream.

🤖 Generated with Claude Code

Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com

@tyvsmith @claude
fix(setup): restore MultiSelect for PAM service selection; rewrite DM…
9e2f437 
… descriptions

Fixes a UX regression introduced in #43 that replaced the single
MultiSelect screen with per-service Confirm prompts (one dialog per
candidate service).

Changes:
- Restore dialoguer::MultiSelect in wizard_pam_setup: all detected
  services are listed on one screen with [x]/[ ] toggles, pre-checked
  per default_enabled, confirmed with a single Enter keypress.
  Non-TTY / non-interactive mode auto-selects per defaults (unchanged).
- Rewrite display-manager descriptions to remove the alarmist
  "declining is recommended unless you have recovery access" language.
  auth sufficient pam_facelock.so falls through to password on
  module failure, so lockout is not a real risk. The genuine concern
  with DMs is unverified integration, not lockout — GDM's auth stack
  is genuinely unusual so it retains a hedge; SDDM and LightDM use
  conventional stacks and need no warning.
- Set default_enabled = true for all three DMs (consistent with how
  sudo/polkit-1/lockers are handled — same actual risk profile).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings May 24, 2026 05:30
Copilot AI reviewed May 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes a setup wizard UX regression by restoring a single interactive multi-select screen for choosing PAM services, and updates display-manager service descriptions/defaults to reflect the actual (non-lockout) behavior and current integration confidence.

Changes:

  • Restore dialoguer::MultiSelect in wizard_pam_setup (replacing per-service Confirm prompts).
  • Rewrite PAM candidate descriptions for GDM/SDDM/LightDM and adjust their default_enabled values.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread crates/facelock-cli/src/commands/setup.rs
Comment on lines +967 to +971
for service in &selected_services {
println!(" Configuring PAM for {service}...");
match pam_install(service, true) {
Ok(()) => configured.push(service.clone()),
Err(e) => {
Comment thread crates/facelock-cli/src/commands/setup.rs
Comment on lines +1449 to +1450
description: "GDM login screen (GNOME) \u{2014} integration not yet verified with GDM's auth flow",
default_enabled: true,
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tyvsmith