GNOME Bugzilla – Bug 658927
gnome-keyring 3.1.X create a ~/.gnome2/keyrings with wrong permissions
Last modified: 2011-09-24 21:25:08 UTC
I've installed gnome-3.1 and clean up my gnome configuration. After login to gdm gnome-keyring create a ~/.gnome2/keyrings gaetan@frugalware:~$ sudo ls ~/.gnome2* -al /home/gaetan/.gnome2: total 12 drwx------ 3 root users 4096 12 sept. 21:47 . drwx--x--x 40 gaetan users 4096 12 sept. 21:47 .. drwx------ 2 root users 4096 12 sept. 21:47 keyrings /home/gaetan/.gnome2_private: total 8 drwx------ 2 gaetan users 4096 12 sept. 21:47 . drwx--x--x 40 gaetan users 4096 12 sept. 21:47 .. I use libgnome-keyring-3.1.90 and gnome-keyring-3.1.91 If you would some other informations ?
Can you check the credentials of the running gnome-keyring process? What user is it running as? How is it installed?
Hi, bouleetbil@testingfrugalware:~$ ps aux | grep keyring root 13813 0.0 0.0 15752 1228 ? Sl 09:31 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login keyring-daemon is started after gdm (gdm-3.1.91) I've installed gnome3.1 from sources : libgnome-keyring-3.1.90 gnome-keyring-3.1.91 If you would see the version of my gnome component : http://ftp.frugalware.org/pub/other/people/bouleetbil/gnometesting/frugalware-x86_64/ If you would some other informations ?
It seems that the gnome-keyring PAM module is being run as root, instead of as the user. Are you the packager for GNOME on your distro?
Yes I'm the packager I will check the pam rules. But I've don't change pam rules for the 3.1 except add gdm-welcome
I think this was fixed in: bug 659402 *** This bug has been marked as a duplicate of bug 659402 ***
It's Not fixed same problem gaetan@frugalware:~$ ps aux | grep keyring root 904 0.0 0.3 43476 3516 ? Sl 17:57 0:00 /usr/bin/gnome-keyring-daemon --start --components=pkcs11 root 906 0.0 0.3 44496 3648 ? Sl 17:57 0:00 /usr/bin/gnome-keyring-daemon --start --components=ssh root 907 0.0 0.3 43484 3520 ? Sl 17:57 0:00 gnome-keyring-daemon --start --components=gpg root 908 0.0 0.3 44400 3496 ? Sl 17:57 0:00 /usr/bin/gnome-keyring-daemon --start --components=secrets root 2359 0.0 0.3 43484 3524 ? Sl 18:06 0:00 gnome-keyring-daemon --start --components=gpg root 2365 0.0 0.3 43484 3524 ? Sl 18:06 0:00 /usr/bin/gnome-keyring-daemon --start --components=pkcs11 root 2368 0.0 0.3 44400 3496 ? Sl 18:06 0:00 /usr/bin/gnome-keyring-daemon --start --components=secrets root 2369 0.0 0.3 43484 3524 ? Sl 18:06 0:00 /usr/bin/gnome-keyring-daemon --start --components=ssh gaetan 2710 0.0 0.0 4420 864 pts/1 S+ 18:12 0:00 grep keyring My gdm pam rules : gdm #%PAM-1.0 auth requisite pam_nologin.so auth required pam_env.so auth required pam_unix.so auth optional pam_gnome_keyring.so account required pam_unix.so session required pam_limits.so session required pam_unix.so session optional pam_gnome_keyring.so auto_start password required pam_unix.so session required pam_systemd.so session required pam_loginuid.so gdm-welcome #%PAM-1.0 auth required pam_env.so auth required pam_permit.so account required pam_nologin.so account required pam_unix.so password required pam_unix.so session required pam_loginuid.so session optional pam_keyinit.so force revoke session required pam_unix.so session required pam_systemd.so session required pam_loginuid.so gdm-autologin #%PAM-1.0 auth requisite pam_nologin.so auth required pam_env.so auth required pam_permit.so account required pam_unix.so password required pam_unix.so session required pam_limits.so session required pam_unix.so session required pam_systemd.so
Please make sure gnome-keyring-daemon is not running setuid root.
Ok I've remove setuid from gnome-keyring-daemon and now that work