GNOME Bugzilla – Bug 750290
nm-applet should not require gnome-keyring for passphrase prompting
Last modified: 2018-10-29 05:16:32 UTC
nm-applet should be able to prompt the user for a WIFI passphrase without gnome-keyring installed, as it does not use gnome-keyring to store the passphrase. However, without gnome-keyring installed, nm-applet will *not* prompt the user at all. It will simply indicate a failure to connect to the network. The user then has to manually edit the network configuration and enter details. A simple prompt for a passphrase should not require the installation of gnome-keyring.
nm-applet requires "libsecret-unstable" but has no dependency on gnome-keyring. For me nm-applet does pop-up a password prompt without keyring installed. Which version of NM and nm-applet are you using? How did you configure the connection? What gives: nmcli connection show "CON-NAME" where you find "CON-NAME" via nmcli connection show
NetworkManager and nm-applet version 1.0.2 The connection was created by selecting the SSID from nm-applet. It immediately reported that I was disconnected from the network, without prompting for a WPA2 passphrase. I then selected "Edit Connections..." from the nm-applet right-click menu, selected the same SSID from the list of "Network Connections", selected "Wi-Fi Security", entered the network's passphrase in the "Password" field, and clicked Save. $ nmcli connection show foo connection.id: foo connection.uuid: x-x-x-x-x connection.interface-name: -- connection.type: 802-11-wireless connection.autoconnect: yes connection.autoconnect-priority: 0 connection.timestamp: 1434061925 connection.read-only: no connection.permissions: connection.zone: -- connection.master: -- connection.slave-type: -- connection.secondaries: connection.gateway-ping-timeout: 0 802-11-wireless.ssid: foo 802-11-wireless.mode: infrastructure 802-11-wireless.band: -- 802-11-wireless.channel: 0 802-11-wireless.bssid: -- 802-11-wireless.rate: 0 802-11-wireless.tx-power: 0 802-11-wireless.mac-address: x:x:x:x:x:x 802-11-wireless.cloned-mac-address: -- 802-11-wireless.mac-address-blacklist: 802-11-wireless.mtu: auto 802-11-wireless.seen-bssids: 802-11-wireless.hidden: no 802-11-wireless-security.key-mgmt: wpa-psk 802-11-wireless-security.wep-tx-keyidx: 0 802-11-wireless-security.auth-alg: -- 802-11-wireless-security.proto: 802-11-wireless-security.pairwise: 802-11-wireless-security.group: 802-11-wireless-security.leap-username: -- 802-11-wireless-security.wep-key0: <hidden> 802-11-wireless-security.wep-key1: <hidden> 802-11-wireless-security.wep-key2: <hidden> 802-11-wireless-security.wep-key3: <hidden> 802-11-wireless-security.wep-key-flags: 0 (none) 802-11-wireless-security.wep-key-type: 0 (unknown) 802-11-wireless-security.psk: <hidden> 802-11-wireless-security.psk-flags: 0 (none) 802-11-wireless-security.leap-password: <hidden> 802-11-wireless-security.leap-password-flags:0 (none) ipv4.method: auto ipv4.dns: ipv4.dns-search: ipv4.addresses: ipv4.gateway: -- ipv4.routes: ipv4.route-metric: -1 ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.never-default: no ipv4.may-fail: yes ipv6.method: auto ipv6.dns: ipv6.dns-search: ipv6.addresses: ipv6.gateway: -- ipv6.routes: ipv6.route-metric: -1 ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: 0 (disabled) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- GENERAL.NAME: foo GENERAL.UUID: x-x-x-x-x GENERAL.DEVICES: wlp3s0 GENERAL.STATE: activated GENERAL.DEFAULT: yes GENERAL.DEFAULT6: no GENERAL.VPN: no GENERAL.ZONE: -- GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/1 GENERAL.SPEC-OBJECT: /org/freedesktop/NetworkManager/AccessPoint/0 GENERAL.MASTER-PATH: -- IP4.ADDRESS[1]: x.x.x.x/24 IP4.GATEWAY: x.x.x.x IP4.DNS[1]: x.x.x.x IP4.DOMAIN[1]: foo.bar DHCP4.OPTION[1]: requested_host_name = 1 DHCP4.OPTION[2]: requested_time_offset = 1 DHCP4.OPTION[3]: requested_broadcast_address = 1 DHCP4.OPTION[4]: requested_rfc3442_classless_static_routes = 1 DHCP4.OPTION[5]: filename = /pxelinux.0 DHCP4.OPTION[6]: requested_domain_name = 1 DHCP4.OPTION[7]: domain_name = foo.bar DHCP4.OPTION[8]: expiry = 1434075245 DHCP4.OPTION[9]: next_server = x.x.x.x DHCP4.OPTION[10]: broadcast_address = x.x.x.x DHCP4.OPTION[11]: dhcp_message_type = 5 DHCP4.OPTION[12]: requested_subnet_mask = 1 DHCP4.OPTION[13]: routers = x.x.x.x DHCP4.OPTION[14]: ip_address = x.x.x.x DHCP4.OPTION[15]: dhcp_lease_time = 14400 DHCP4.OPTION[16]: requested_static_routes = 1 DHCP4.OPTION[17]: requested_domain_name_servers = 1 DHCP4.OPTION[18]: requested_ntp_servers = 1 DHCP4.OPTION[19]: requested_wpad = 1 DHCP4.OPTION[20]: domain_name_servers = x.x.x.x DHCP4.OPTION[21]: requested_ms_classless_static_routes = 1 DHCP4.OPTION[22]: subnet_mask = 255.255.255.0 DHCP4.OPTION[23]: requested_routers = 1 DHCP4.OPTION[24]: network_number = x.x.x.x DHCP4.OPTION[25]: dhcp_server_identifier = x.x.x.x IP6.ADDRESS[1]: x::x:x:x:x/64 IP6.GATEWAY:
I can confirm that this bug still exists: * With gnome3 keyring: prompts for passphrase * Without: no prompt
(To clarify, bug still exists in nm-applet 1.8.10)
See also: https://github.com/NixOS/nixpkgs/commit/8dc518c2dfb58e986d5ea2ddc5a630862725276f#r28366143
https://github.com/NixOS/nixpkgs/issues/38967
I can also confirm that no password prompt is shown. Furthermore, the following message is printed to the console running nm-applet: ** Message: 07:33:19.892 Remote error from secret service: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.secrets was not provided by any .service files
Created attachment 371093 [details] [review] Ask for password without Secret Service, probably bad Thomas pointed me towards https://git.gnome.org/browse/network-manager-applet/tree/src/applet-agent.c?id=f81f8a4febc26593b9d9052145d96efb82996c0e#n293, noting that if secret_service_search_finish() fails, it will never ask the user for secrets (it goes to done, and then "ask" is still false). I managed to create the attached patch. It allows me to connect to a password protected network but the code looks like it is full of hidden assumptions so there might be a handful of side effects. Number of asserts were produced as well: (nm-applet:1452): GLib-CRITICAL **: 14:25:58.924: g_variant_get_type: assertion 'value != NULL' failed (nm-applet:1452): GLib-CRITICAL **: 14:25:58.924: g_variant_type_is_subtype_of: assertion 'g_variant_type_check (type)' failed (nm-applet:1452): GLib-CRITICAL **: 14:25:58.924: g_variant_get_type: assertion 'value != NULL' failed (nm-applet:1452): GLib-CRITICAL **: 14:25:58.924: g_variant_type_is_subtype_of: assertion 'g_variant_type_check (type)' failed (nm-applet:1452): libnm-CRITICAL **: 14:25:58.924: ((libnm-core/nm-connection.c:1500)): assertion '<dropped>' failed
This can probably be closed as a duplicate of https://gitlab.gnome.org/GNOME/network-manager-applet/issues/3 which was fixed.
Thanks for taking the time to report this. This particular bug has already been reported into our bug tracking system, but we are happy to tell you that the problem has already been fixed. It should be solved in the next software version. You may want to check for a software upgrade provided by your Linux distribution.