Last bits in kde-workspace

[David Edmundson]

kgreetplugin is a QWidget based wrapper round kcheckpass and has a
custom protocol to talk to it.

As Martin G said, needing kchceckpass is a legacy, that isn't needed
anymore. The pam_unix module now distributes it's own SUID binary for
reading the password file which it invokes if it needs to, so a PAM
user like the lockscreen doesn't need to worry about it.

AFAIK QAuth was also planned to use a separate binary, but it at least
won't be SUID.
I think it was more for the purpose of dealing with copying
environment variables, and it's a simple (but lazy) solution to PAMs
blocking API. Martin B can correct me.

QAuth is pretty good, last time I looked at the code (~1 month ago)
it's pretty neat, and abstracts PAM to hopefully have a different
backend in the future (I can hope. PAM sucks). I want to use it long
term.

The only thing I'm not sure about is timescales, anything that touches
PAM causes the main distros to panic and do a full security audit
(SuSE, Red Hat at least) which I've seen happen with LightDM.

Summary:
Aleix's idea of moving seems ideal, we might have to make a split
version of kgreeterplugin that we can use for the lockscreen, and keep
kcheckpass. Long term I don't want to though.

David