Comment 50 for bug 1240336

Cleaned up /etc/pam.d and used "sudo pam-auth-update" and "sudo pam-auth-update --force" to autofix thing. I found I had an extra likewise PAM profile in /usr/share/pam-configs/.

Nothing worked.

Finally, I retried a previous solution:
Tried version of #32
* Added
    session required pam_loginuid.so
    session required pam_systemd.so
  to top of /etc/pam.d/kdm
Logout, Restart X, Login

This worked. Mounting is fixed. System Settings->Login Screen reports "You will be asked to authenticate before saving" and it does indeed when I apply.

I know that the order of selection is important to PAM, but I haven't yet compared my PAM files to a working system to find out where these entries really need to be placed.
Why didn't I need them before the upgrade OR why where they removed on upgrade? The file dates seem to indicate that the PAM entries were not in the kdm file or @include chains before the update.

Previous entries of "pam_loginuid.so" and "pam_systemd.so" via grep:
  /etc/pam.d/common-session:session optional pam_systemd.so
  /etc/pam.d/sshd:session required pam_loginuid.so
Since "pam_loginuid.so" is relegated to SSHD, it was never in the chain of PAM for a local login.
The "pam_systemd.so" is third from the bottom in the common-session file. This is where I made my previous changes in #46.

I'll do a few more tests.