Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
gnome-keyring not getting password from pam
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
Massimo B.
Veteran
Veteran


Joined: 09 Feb 2005
Posts: 1535
Location: Germany

PostPosted: Wed Oct 10, 2018 7:21 am    Post subject: gnome-keyring not getting password from pam Reply with quote

Hi,

I have emerged gnome-base/gnome-keyring-3.28.2 with USE="pam", but I'm still asked for the gnome-keyring password. I have set the same password for the keyring and for the user. Is that required anyway or is the keyring password just encrypted by the user-password? However it doesn't work. What steps are necessary?

Moreover I would like to reduce the count of passwords without loosing too much security. Having a LUKS password on boot and full encryption, I would prefer the password-less login to the Window Manager. But then it would not be possible to pass the password to the keyring anymore, is it? Having a completely unencrypted keyring, would that be a big security issue? I mean the shut down system is safe based on the encryption. But for the running system, the unencrypted keyring files would be accessible by each process, is that true?
_________________
ppc:PowerBook5,8 15"(1440)-G4/1.67,2G|amd64:HP EliteBook 8560w,i7-2620M,16G|amd64:Acer Z5610 (Core2QuadQ8200),8G|amd64-prefix:OpenSuse
Lila-Theme
Back to top
View user's profile Send private message
Massimo B.
Veteran
Veteran


Joined: 09 Feb 2005
Posts: 1535
Location: Germany

PostPosted: Mon Dec 17, 2018 8:17 am    Post subject: Reply with quote

What is the right pam.d setting for the keyring? Currently I found this:
Code:
# grep keyring /etc/pam.d/*
/etc/pam.d/passwd:-password   optional   pam_gnome_keyring.so use_authtok

However Ubuntu [1] mentions a different pam.d configuration for /etc/pam.d/gdm or /etc/pam.d/lightdm:
Code:
auth optional pam_gnome_keyring.so
session optional pam_gnome_keyring.so auto_start

[1] https://wiki.ubuntuusers.de/GNOME_Schl%C3%BCsselbund/#Keyring-Daemon-deaktivieren
_________________
ppc:PowerBook5,8 15"(1440)-G4/1.67,2G|amd64:HP EliteBook 8560w,i7-2620M,16G|amd64:Acer Z5610 (Core2QuadQ8200),8G|amd64-prefix:OpenSuse
Lila-Theme
Back to top
View user's profile Send private message
Massimo B.
Veteran
Veteran


Joined: 09 Feb 2005
Posts: 1535
Location: Germany

PostPosted: Mon Dec 17, 2018 8:46 am    Post subject: Reply with quote

I have adapted the configuration like this now, and it seems to work, at least after a logout and new login:
Code:
# grep keyring /etc/pam.d/*
/etc/pam.d/lightdm:auth    optional        pam_gnome_keyring.so
/etc/pam.d/lightdm:session optional        pam_gnome_keyring.so    auto_start
/etc/pam.d/passwd:password   optional   pam_gnome_keyring.so use_authtok
/etc/pam.d/xscreensaver:auth    optional        pam_gnome_keyring.so

_________________
ppc:PowerBook5,8 15"(1440)-G4/1.67,2G|amd64:HP EliteBook 8560w,i7-2620M,16G|amd64:Acer Z5610 (Core2QuadQ8200),8G|amd64-prefix:OpenSuse
Lila-Theme
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum