[arch-general] gnome-keyring madness
Seahorse 3.20.0-2 has a new hard dependency on gnome-keyring. Should gnome-keyring instead be an optional dependency? Seahorse can cope without gnome-keyring (although with warnings about not being able to talk to gnome-keyring). And for some reason, lightdm likes to launch gnome-keyring automatically, and this breaks my setup because I use gpg-agent with pinentry-gtk-2 to handle SSH keys. However gnome-keyring naively assumes that it may (incorrectly) handle SSH keys. Is there any way to tell lightdm not to launch gnome-keyring? (And yes, the obvious answer is to uninstall gnome-keyring. However, virt-manager has a hard dependency on seahorse.) Update: it turns out that virt-manager has a dependency on x11-ssh-askpass, which seahorse provides. My workaround for now is to install x11-ssh-askpass and uninstall seahorse and gnome-keyring (even though I will never use x11-ssh-askpass). There is something wrong with this dependency chain. Will someone smarter than me please look into it? * Should gpg-agent and/or pinentry provide x11-ssh-askpass? * Should gnome-keyring be an optional dep for seahorse, considering that seahorse copes without it although in a limited form? * Should virt-manager have a hard dependency on x11-ssh-askpass? --Kyle
On Mon, 13 Jun 2016 18:07:06 -0700, Kyle Terrien via arch-general wrote:
And for some reason, lightdm likes to launch gnome-keyring automatically
After taking a look at https://www.archlinux.org/packages/extra/i686/gnome-keyring/ I guess you should use /etc/pacman.conf. NoExtract = etc/xdg/autostart/gnome-keyring-pkcs11.desktop etc/xdg/autostart/gnome-keyring-secrets.desktop etc/xdg/autostart/gnome-keyring-ssh.desktop Regards, Ralf
PS: Btw. I don't have gnome-keyring installed, but I'm doing this to get rid of etc/xdg/autostart/parcellite-startup.desktop. Take a look at https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.... , it should be your desktop environment that is auto starting. I've got lightdm , openbox and parcellite installed for an Arch and an Ubuntu install. By default both variables, $XDG_CONFIG_DIRS and $XDG_CONFIG_HOME are empty for the Arch install, but parcellite would get auto-started without the options I want, if I would extract the xdg desktop file. For the Ubuntu install I got rid of the wrong autostart by overwriting $XDG_CONFIG_DIRS in .config/openbox/autostart, so I could keep the file in /etc/xdg/autostart/. [rocketmouse@archlinux ~]$ echo $XDG_CONFIG_DIRS $XDG_CONFIG_HOME [rocketmouse@archlinux ~]$ grep XDG /mnt/moonstudio/home/weremouse/.config/openbox/autostart export XDG_CONFIG_DIRS=""
Ralf Mardorf wrote:
Take a look at https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.... , it should be your desktop environment that is auto starting.
Thanks, but I tried that weeks ago. It is not the autostart feature of the desktop environment that is starting gnome-keyring. From what I can figure out, it is lightdm that is starting gnome-keyring. What's doubly annoying is that gnome-keyring stays alive after I log out, meaning that the systemd login session is never terminated. This can cause some bizarre issues when logging in again. In fact, my day-to-day "desktop environment" (Window Maker) doesn't even support xdg autostart, so I know autostart is not the culprit. (I am starting programs in the xprofile.) Given the bizarre integration bugs that gnome-keyring brings, I would rather just remove it entirely for now: 1. Seahorse can run without gnome-keyring running in the background. Why is there a hard dependency? 2. virt-manager runs fine when gpg-agent handles SSH keys. Why do I need to have its dependency x11-ssh-askpass installed? --Kyle
On 06/14/2016 02:21 PM, Kyle Terrien via arch-general wrote:
Ralf Mardorf wrote:
Take a look at https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.... , it should be your desktop environment that is auto starting.
Thanks, but I tried that weeks ago. It is not the autostart feature of the desktop environment that is starting gnome-keyring. From what I can figure out, it is lightdm that is starting gnome-keyring.
Actually it's pam. Look in these files: /etc/pam.d/lightdm /etc/pam.d/lightdm-autologin /etc/pam.d/xscreensaver /etc/pam.d/sddm-autologin Jerome -- mailto:jeberger@free.fr http://jeberger.free.fr Jabber: jeberger@jabber.fr
Jérôme M. Berger wrote:
On 06/14/2016 02:21 PM, Kyle Terrien via arch-general wrote:
Thanks, but I tried that weeks ago. It is not the autostart feature of the desktop environment that is starting gnome-keyring. From what I can figure out, it is lightdm that is starting gnome-keyring.
Actually it's pam. Look in these files:
/etc/pam.d/lightdm /etc/pam.d/lightdm-autologin /etc/pam.d/xscreensaver /etc/pam.d/sddm-autologin
Jerome
And *that* is the missing piece of information. Thank you! --Kyle
On Tue, 14 Jun 2016 05:21:11 -0700, Kyle Terrien via arch-general wrote:
1. Seahorse can run without gnome-keyring running in the background. Why is there a hard dependency? 2. virt-manager runs fine when gpg-agent handles SSH keys. Why do I need to have its dependency x11-ssh-askpass installed?
Good questions. Right now I notice that I've got gnome-keyring installed and it's running. [rocketmouse@archlinux ~]$ pgrep -a gnome-keyring 1582 /usr/bin/gnome-keyring-daemon --start --foreground --components=secrets However, no unwanted side effects here. Perhaps useful for Evolution.
participants (3)
-
Jérôme M. Berger
-
Kyle Terrien
-
Ralf Mardorf