After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 548456 - migrating from keyring is buggy
migrating from keyring is buggy
Status: RESOLVED INCOMPLETE
Product: gnome-keyring
Classification: Core
Component: general
2.22.x
Other Linux
: Normal normal
: ---
Assigned To: GNOME keyring maintainer(s)
GNOME keyring maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2008-08-19 14:09 UTC by Hubert Figuiere (:hub)
Modified: 2009-07-02 23:44 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Hubert Figuiere (:hub) 2008-08-19 14:09:48 UTC
Migrating from Gnome Keyring to Searhorse when upgrading to Gnome 2.22 fail as it create a second keyring called "login" instead of renaming the "default" keyring.

This cause all the issues of bug 548319
Comment 1 Stef Walter 2008-08-28 02:14:11 UTC
Yes, sadly I haven't been able to come up with a better state of affairs. 

Since 2.22 the 'login' keyring is the one that is tied to your unix (ie: PAM) account (if your distro enables the integration with PAM, most do). Importantly, the password for the login keyring should be identical to the login password for your unix account.

For new users the 'login' keyring also becomes the default keyring, and all is well.

However for users with a previous default keyring (and a possibly arbitrary password) we can't just change that keyring's password to the one from your unix account. Reasons why we can't:

 * We don't know it. We'd need to put up another useless prompt for the user, confusing. 
 * It may be that the user wants to keep a 'better' password on their keyring than on their account. 

So in these cases the default keyring remains, and a new login keyring is created, which is only used to store passwords that must be 'Unlock automatically when I login'.

I believe this is the best compromise for all the various types of users. However if you have other ideas, feel free to reopen this bug. 
Comment 2 Hubert Figuiere (:hub) 2008-09-11 15:10:07 UTC
Doing all these things silently is VERY BAD. It took me time to figure it out. Imagine the lambda user....

Yes you'd need to prompt something. But that's the way it is. The current situation is not satisfactory at all.
Comment 3 Stef Walter 2008-09-11 15:50:16 UTC
This is way too late for 2.24.x. And I also really don't understand what you're saying or suggesting... What's a 'lambda user'?
Comment 4 Hubert Figuiere (:hub) 2008-09-11 15:54:41 UTC
(In reply to comment #3)
> What's a 'lambda user'?


Non techie users. ie what should be the vast majority.

Comment 5 Stef Walter 2008-09-11 20:21:11 UTC
I don't want to argue... but I imagine that non techie users would be the ones who were not at all bothered by the above migration procedure. They would just store their passwords and everything would work magically.

The only consideration is that the seahorse UI currently (bug #548319) doesn't show multiple keyrings in the main password listing. However this will be fixed shortly. 

Once the above UI issue is fixed (ie: one can see multiple keyrings in seahorse and manage them without issue), do you think this will continue to be a problem for non-techie users? 

If so, could you describe a specific use case of such a user.
Comment 6 Tobias Mueller 2009-04-13 21:15:17 UTC
Hey hub, could you answer Stefs questions from comment #5?
Comment 7 André Klapper 2009-07-02 23:44:26 UTC
Closing this bug report as no further information has been provided. Please feel free to reopen this bug if you can provide the information asked for.
Thanks!