Bug 523470 – SSH keys not unlocked when started from the .service file

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 523470 - SSH keys not unlocked when started from the .service file


Summary:	SSH keys not unlocked when started from the .service file


Status:	RESOLVED WONTFIX

Product:	gnome-keyring
Classification:	Core
Component:	general
Version:	unspecified
Hardware:	Other Linux

Importance:	Normal blocker
Target Milestone:	---
Assigned To:	GNOME keyring maintainer(s)
QA Contact:	GNOME keyring maintainer(s)

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2008-03-19 21:42 UTC by Sebastian Dröge (slomo)
Modified:	2008-03-26 10:00 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
g-k-d-default-components.diff (398 bytes, patch) 2008-03-19 21:45 UTC, Sebastian Dröge (slomo)	rejected	Details \| Review
g-k-d-enable-ssh.diff (423 bytes, patch) 2008-03-19 21:45 UTC, Sebastian Dröge (slomo)	rejected	Details \| Review
help-text.diff (478 bytes, patch) 2008-03-19 21:49 UTC, Sebastian Dröge (slomo)	committed	Details \| Review

Description Sebastian Dröge (slomo) 2008-03-19 21:42:02 UTC

Hi,
see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471270

When started from the dbus .service file g-k-d does not unlock SSH keys as the ssh component is not started:
[...]
Exec=/usr/bin/gnome-keyring-daemon --foreground --components=keyring
[...]

Adding ",ssh" at the end fixes this but I have a feeling that there should not be any components given at all.

gkr-daemon.c has #define DEFAULT_COMPONENTS  "ssh,keyring,pkcs11" (the --help text is wrong btw, it only mentions the first two) and it says that the components to load are read from gconf so instead of forcing only "keyring" in the service file this should better be handled automatically (i.e. gconf and enable-all-fallback).

Ok to commit one of the attached patches? :)

Comment 1 Sebastian Dröge (slomo) 2008-03-19 21:45:24 UTC

Created attachment 107650 [details] [review]
g-k-d-default-components.diff

Automatically detect which components to start

Comment 2 Sebastian Dröge (slomo) 2008-03-19 21:45:48 UTC

Created attachment 107651 [details] [review]
g-k-d-enable-ssh.diff

Enable keyring and ssh components in any case

Comment 3 Sebastian Dröge (slomo) 2008-03-19 21:46:20 UTC

Marking this as blocker because it makes g-k more or less useless unless started from gdm via pam.

Comment 4 Sebastian Dröge (slomo) 2008-03-19 21:49:24 UTC

Created attachment 107652 [details] [review]
help-text.diff

Fix the help text

Comment 5 Stef Walter 2008-03-19 23:25:45 UTC

gnome-keyring-daemon should be started from PAM or gnome-session. When started from the service file it only functions for storing passwords, all other functionality is not available. 

Here's a little overview:

http://live.gnome.org/GnomeKeyring/Distributors