Re: i3lock-color: Login with correct password not working

[unadvised%airmail.cc@localhost]

> Then entering the password works as expected.

I would have to add something to that. What I found out is laughingly
crazy.

I realized even a kitten can unlock i3lock-color!

A kitten is not obviously a hacker, so I knew something else was wrong.

To test this myself I ran i3lock-color with --debug and bashed some
keys. When I pressed enter it unexpectedly unlocked. Here's the output:

<https://justpaste.it/9y3t9>

The output had nothing out of the ordinary. It had a line
"[i3lock-debug] successfully authenticated" which seemed like a serious
security risk.

Because the config file was part of the package, this is even more
serious.

So I got curious and inputted less and less characters. Every time I
pressed enter it was unlocking. Then I locked and without pressing
anything else pressed enter. It unlocked!

I had a feeling it might have something to do with pam config. The
following is from i3lock package:

$ cat /usr/pkg/share/examples/i3lock/pam.d/i3lock
...
auth include system

And this is from i3lock-color package:

$ cat /usr/pkg/share/examples/i3lock/pam.d/i3lock
...
#auth include system-local-login # For Arch/Gentoo
auth include login # For Debian

Out of curiosity, with i3lock installed I put "auth include login" in
/etc/pam.d/i3lock and this time i3lock was unlocking just pressing
enter!

So I installed i3lock-color and did (based on i3lock's config):

$ echo 'auth include system' | doas tee /etc/pam.d/i3lock

This time I couldn't unlock!

Is there any way to fix this?