kde-plasma/kwallet-pam not working?

[msst]

Hi all,

I am trying to set this up so that I do not have to enter the password always twice. Unfortunately plasma5 comes with no config at all for this despite emerging kwallet-pam, as seen from the fact that it installs a single file only.

[wltjr]

Looking into this myself, doing as you have done, and getting the exact same output. It seems maybe something is off with the env I tried this via command line, same thing I saw running already.

[msst]

Well, I also get basically an endless timeout trying this command

[wltjr]

I think I finally got this working. Which log in manager are you using. Have you tried sddm. Its either sddm and/or newer version of kwallet, 5 in tree, ~arch. I will see about installing sddm on my laptop with kwallet slot 4 still and see if it works or not. If not that will confirm updating kwallet fixes it or sddm. I think its kwallet update that is required but could be sddm and some issue with kdm. There is no slot 4 of kwallet-pam, so probably requires kwallet 5.

[wltjr]

It seems at this time the kwallet-pam ebuild is bound to kde:5/plasma:5. It needs a use flag or something to allow it to build with kde:4 libraries and stuff. Thus this will never work with kde:4 on gentoo till a USE flag is added and/or kwallet/kwalletmanager is updated to slot :5 with oldwallet USE flag set on kwalletmanager. SDDM or KDM have nothing to do with it as it seems.

[msst]

Coming back to this, I have here:

x11-misc/sddm
Available versions: (~)0.13.0-r1 (~)0.13.0-r3 {consolekit +pam systemd}
Installed versions: 0.13.0-r3(17:03:33 05.03.2016)(consolekit pam -systemd)

kde-apps/kwalletmanager
Available versions:
(4) 4.14.3(4/4.14) 15.04.3(4/15.04)
(5) (~)15.08.3-r1 (~)15.12.1 (~)15.12.2 {M}(~)15.12.2[1] **15.12.49.9999[1] **9999[1]
{aqua debug doc +handbook minimal}
Installed versions: 15.12.2(5)[1](23:57:29 18.02.2016)(handbook -debug -doc)

kde-apps/signon-kwallet-extension [1]
Available versions: (5) {M}(~)15.12.2 **15.12.49.9999 **9999
{debug}
Installed versions: 15.12.2(5)(23:26:20 18.02.2016)(-debug)

kde-frameworks/kwallet
Available versions: (5) (~)5.17.0(5/5.17) (~)5.18.0(5/5.1 (~)5.19.0(5/5.19) **9999(5/9999)[1]
{debug doc gpg test}
Installed versions: 5.19.0(5)(21:56:38 03.03.2016)(gpg -debug -doc -test)

kde-plasma/kwallet-pam
Available versions: (5) (~)5.4.3-r1 (~)5.5.4 (~)5.5.5 [M](~)5.5.95^m[1] **5.6.49.9999[1] **9999[1]
{debug}
Installed versions: 5.5.5(5)(17:34:42 05.03.2016)(-debug)

As you can see these versions are all clean plasma:5 slot versions. There is no slot 4 version of either kwallet or kwalletmanager installed. This should therefore not be a slot conflict?

It is still not working with 5.5.5, so it seems to me one of the slot5 components is not doing its work...

[asturm]

Works fine for me, both kde-apps/kwalletd:4 with kde-apps/kwalletd-pam:4 as well as kde-frameworks/kwallet:5 with kde-plasma/kwallet-pam:5. Tested with both KDM as well as SDDM.

Did you check what kind of wallet is actually popping up at startup?

[msst]

NetworkManager detects the wifi and wants to read the password from the system-default wallet, which has the passwords for the wifi, email etc. from this user.

I have the password to be the same as the user password that I use in sddm to login the user.

[asturm]

If you rebuild kde-plasma/kwallet-pam:5, what's in the log at the end?

[msst]

It says that my SDDM - /etc/pam.d/sddm is ...GOOD

[asturm]

Could you try with a clean session? (disable session restore on login in systemsettings)

[msst]

You mean Workspace->Start and Shutdown->At login->start with empty session? (I am not using english settings so this is translated)

That is what I use as the session restore does anyway not work with kde:5 applications and virtual desktops (it dumps them all on the desktop no 1 therefore I have it set on empty session). So I always start with a "clean session".

[BT]

Does kwallet-pam work with wallets using GPG encryption?

[asturm]

It didn't work in the beginning (known limitation), at least, but I don't know if it has changed in the meantime.

[BT]

That's what I suspected. Previously with KDE 4 I used seperate passwords for login and wallet and I had no issues. However with Plasma 5 I'm always prompted for the wallet password immediately after login. This is very annoying, so I attempted to workaround this by enabling wallet auto-unlocking. Is there anyway to prevent kwallet prompting for the password after login without disabling the kwallet subsystem?

[asturm]

Well, what application is requesting the wallet?

[BT]

Chromium is the only application that stores passwords in the wallet. The request happens during the splash screen immediately after login, so I don't think it's Chromium. However based on my experience with KDE 4, I believe the actual request is being made by KWalletManager.

[asturm]

The actual password dialog tells you what application wants to access it.

[BT]

I only get a pinentry passphrase dialog for the GPG key, and it doesn't mention which application is making the request.

[BT]

I have stoped the pinentry request immediately after login by commenting out the following in /etc/pam.d/sddm:

[asturm]

Interesting, so in that case kwallet-pam worked in the exact opposite direction of what it originally intended