After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 688161 - Error message when using gcr-viewer
Error message when using gcr-viewer
Status: RESOLVED NOTGNOME
Product: gcr
Classification: Core
Component: General
unspecified
Other Linux
: Normal normal
: ---
Assigned To: GNOME keyring maintainer(s)
GNOME keyring maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2012-11-12 12:06 UTC by fritz.heinrichmeyer
Modified: 2019-02-22 11:58 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description fritz.heinrichmeyer 2012-11-12 12:06:51 UTC
when i view a certificate with gcr-viewer started in a terminal, after typing in the password for the certificate file, i get a message 

couldn't lock 16384 bytes of memory (attributes): Cannot allocate memory

at the command line. I am on arch linux
Linux 3.6.6-1-ARCH #1 SMP PREEMPT Mon Nov 5 11:57:22 CET 2012 x86_64 GNU/Linux

pacman -Qs gcr results in

local/gcr 3.6.2-1
    A library for bits of crypto UI and parsing
local/libgcrypt 1.5.0-3
    a general purpose crypto library based on the code used
local/libgpg-error 1.10-2
    Support library for libgcrypt

apart from this message, data is shown correctly.
Comment 1 Stef Walter 2012-11-12 12:12:15 UTC
We try to use locked non-pageable memory to keep sensitive keys and passwords from being paged to disk accidentally.

This is a warning message about being unable to lock sensitive memory to keep it from being paged out. You'll need to increase your ulimit -l:

$ ulimit -a | grep locked
max locked memory       (kbytes, -l) 1024

It's likely that the limit on your machine is lower than the above. You can increase it in a distro specific manner (often /etc/security/limits.conf) or open a bug with you distro about changing the default to be higher in order to accomodate gcr, gnome-keyring, libsecret and seahorse.
Comment 2 fritz.heinrichmeyer 2012-11-12 12:29:05 UTC
ulimit -a|grep locked
max locked memory       (kbytes, -l) 64

as i understand 64 kbytes is more than 16386 byte?
Comment 3 Stef Walter 2012-11-12 12:48:54 UTC
(In reply to comment #2)
> as i understand 64 kbytes is more than 16386 byte?

I think that there may have been allocations, and the failing 16384 byte allocation is an additional one. If you want to patch egg-secure-memory.c, you can use egg_secure_records() to print out information about the previous allocations.
Comment 4 fritz.heinrichmeyer 2012-11-12 12:51:17 UTC
message disappears with ulimit -l 128