After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 711810 - gnome-keyring-daemon fail if ~/.cache isn't available.
gnome-keyring-daemon fail if ~/.cache isn't available.
Status: RESOLVED FIXED
Product: gnome-keyring
Classification: Core
Component: general
3.8.x
Other Linux
: Normal normal
: ---
Assigned To: GNOME keyring maintainer(s)
GNOME keyring maintainer(s)
Depends on: 725801
Blocks:
 
 
Reported: 2013-11-10 21:25 UTC by Germar Reitze
Modified: 2016-11-29 21:26 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Germar Reitze 2013-11-10 21:25:34 UTC
/root/.cache isn't created by default on some distributions (Xubuntu, Kubuntu, ArchLinux). This will cause gnome-keyring-daemon to fail when called by dbus from a python program running with sudo. And so 'sudo python -c "import keyring"' will fail after a ~30sec timeout. (dependencies: 'python-keyring' and 'python-secretstorage')

Steps to reproduse (this is the Exec command found in /usr/share/dbus-1/services/org.freedesktop.secrets.service):
$ sudo /usr/bin/gnome-keyring-daemon --start --foreground --components=secrets

** (gnome-keyring-daemon:30328): WARNING **: couldn't create socket directory: No such file or directory

** (gnome-keyring-daemon:30328): WARNING **: couldn't bind to control socket: /root/.cache/keyring-9D34R9/control: No such file or directory

Please create ~/.cache (or XDG_CACHE_HOME) in gnome-keyring-daemon if it isn't available

This was reported first in https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1181344

Verified on versions 3.6.1, 3.8.0 and 3.10.0
Comment 1 Stef Walter 2013-11-11 08:39:39 UTC
Hmmm, it sounds like $XDG_RUNTIME_DIR is not defined as per the XDG Basedir spec. 

Secondly, gnome-keyring-daemon hasn't been designed to be run as root. Would be interested in hearing your use case.
Comment 2 Germar Reitze 2013-11-11 20:09:59 UTC
$XDG_RUNTIME_DIR doesn't change if running with sudo:
~$ echo $XDG_RUNTIME_DIR
/run/user/germar
~$ sudo echo $XDG_RUNTIME_DIR
/run/user/germar

So would you say sudo have to take care that $XDG_RUNTIME_DIR changes? Will this fix the problem?

Use case:
BackInTime (http://backintime.le-web.org/) is a backup tool mainly developed to provide userspace snapshot backups. But people use BIT with sudo (and so we provide that functionality) to make full system backups, too.
We use python-keyring and python-secretstorage to store secrets (ssh-passphrase, encryption password) in gnome-keyring. While root normally doesn't have a keyring python-keyring will fall back to PlaintextKeyring and so I disabled storing to keyring in that case (user will have to provide password manually).

But as soon as BIT (started with sudo) will run 'import keyring' (test case: 'sudo python -c "import keyring"') it will hang for ~30sec until the dbus call raises a dbus.exceptions.DBusException (test case: 'sudo python -c "import dbus; dbus.SessionBus().get_object('org.freedesktop.secrets', '/org/freedesktop/secrets')"')

This dbus call will run '/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets' which will fail with the waring in my original report if ~/.cache (and $XDG_RUNTIME_DIR) isn't available.
Comment 3 Germar Reitze 2013-11-12 04:01:58 UTC
Sorry, I just noticed that I'm wrong about $XDG_RUNTIME_DIR. Shell will replace $XDG_RUNTIME_DIR before exec sudo. That's why it was /run/user/germar.
$XDG_RUNTIME_DIR is not set with sudo.
Comment 4 Germar Reitze 2013-11-25 16:43:49 UTC
@Stef Walter I still think this should be considered as a bug in gnome-keyring.

XDG Basedir spec says "If $XDG_RUNTIME_DIR is not set applications should fall back to a replacement directory with similar capabilities and print a warning message."

So gnome-keyring should check for (and try to create) the fall back dir before failing.
Comment 5 Dmitry Shachnev 2014-01-28 07:13:54 UTC
My use case it that I want to run python-secretstorage tests in a clean environment (chroot + xvfb), and I need gnome-keyring-daemon as it is so far the only working SecretService server.

Exporting XDG_RUNTIME_PATH works, thanks.
Comment 6 Stef Walter 2014-03-06 17:43:23 UTC
The patches on bug #725801 should fix this.
Comment 7 Bastien Nocera 2016-11-29 10:38:32 UTC
bug #725801 has been fixed for a couple of years. Germar, does this work for you now?
Comment 8 Germar Reitze 2016-11-29 21:26:21 UTC
It does work with gnome-keyring-daemone 3.20.0 on Arch.

Version 3.18.3 on Ubuntu 16.04 does still not work. But I didn't check yet if the patch was included.

I consider this as solved. Thanks