Comment 116 for bug 1733557

@Rael Gugelmin Cunha

My knowledge is not PAM friendly but I think it's something like this - when the screen is locked, PAM transaction is started via pam_start and after authentication (entered a password) it's closed via pam_end. But if we switch user from the locked screen, PAM transaction is not terminated via pam_end and pam_handle_ is still presented. When we return into the session and lock the screen again, the following code will cause the issue:

unity/lockscreen/UserAuthenticatorPam.cpp

if (pam_handle_)
  {
    LOG_ERROR(logger) << "Unable to start authentication because another one has already been started";
    return false;
  }

It will try 5 times to authenticate but it always returns false as pam_handle_ is still present, then the following code shows "Authentication failure" with "Switch to greeter" button:

unity/lockscreen/UserPromptView.cpp

if (num_retry_auth_ <= 5)
  {
    LOG_WARNING(logger) << "Failed to start the authentication process. Retrying for " << num_retry_auth_ << " time.";
    source_manager_.AddTimeout(100, [this] {
      StartAuthentication();
      return false;
    });
  }
  else
  {
    AddMessage(_("Authentication failure"), nux::color::Red);
    AddButton(_("Switch to greeter…"), [this] {
      session_manager_->SwitchToGreeter();
    });

My solution is to terminate the PAM transaction and let it try to init the new one. I have tested it in my case and it works without problem.
I wonder why there is the case of error - "Unable to start authentication because another one has already been started". I don't know what case it's related to.