View previous topic :: View next topic |
Author |
Message |
fturco Veteran
Joined: 08 Dec 2010 Posts: 1181 Location: Italy
|
Posted: Thu Jun 19, 2014 11:24 am Post subject: [SOLVED] gnome-keyring-daemon processes running as root |
|
|
I'm a GNOME 3.12 user with a couple of problems that could depend on GNOME keyring running as root instead of a non-privileged user.
This is the situation before logging in with GDM:
Code: | $ ps aux | grep keyring
root 458 0.0 0.0 115220 2808 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login
fturco 474 0.0 0.0 10572 2212 tty1 S+ 10:53 0:00 grep --colour=auto keyring |
This is the situation after logging in with GDM:
Code: | $ ps aux | grep keyring
root 458 0.0 0.0 115220 2808 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login
root 495 0.0 0.0 115220 2784 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login
root 499 0.0 0.0 115248 3672 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login
root 534 0.0 0.1 294352 8692 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --start --components=ssh
root 550 0.0 0.1 359888 8636 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --start --components=pkcs11
root 558 0.0 0.1 359888 8480 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --start --components=secrets
root 568 0.0 0.1 294356 8560 ? Sl 10:53 0:00 /usr/bin/gnome-keyring-daemon --start --components=gpg
fturco 753 0.0 0.0 10576 2236 pts/0 S+ 10:54 0:00 grep --colour=auto keyring |
As you can see I have many gnome-keyring-daemon processes running as root. I also noted that on my system /usr/bin/gnome-keyring-daemon has the setuid bit set:
Code: | $ ls -l /usr/bin/gnome-keyring-daemon
-rws--x--x 1 root root 940184 Jun 8 16:18 /usr/bin/gnome-keyring-daemon |
Some directories are owned by root:
Code: | $ ls -ld /run/user/1000/keyring/
drwx------ 2 root fturco 100 Jun 15 10:55 /run/user/1000/keyring/ |
Code: | $ ls -ld /home/fturco/.local/share/keyrings
drwx------ 2 root fturco 4096 Jun 9 18:53 /home/fturco/.local/share/keyrings |
Is all of this normal?
At the beginning I hinted at a couple of problem I'm having:
- I cannot access my e-mail account with Evolution
- I also cannot connect to my VPN with Network Manager
In both cases I get the following error message in journalctl:
Quote: | Error calling StartServiceByName for org.freedesktop.secrets: Timeout was reached |
There are two bugs on GNOME bugzilla describing these problems, one for Evolution and the other one for Network Manager:
Thank you.
Last edited by fturco on Sun Jun 29, 2014 11:12 am; edited 1 time in total |
|
Back to top |
|
|
druggo Apprentice
Joined: 24 Sep 2003 Posts: 289 Location: Hangzhou, China
|
Posted: Thu Jun 19, 2014 1:16 pm Post subject: |
|
|
mine has no setuid:
Code: | -rwx--x--x 1 root root 932056 Jun 3 22:36 /usr/bin/gnome-keyring-daemon
|
you can try unset the setuid bit:) _________________ HighWayToHell(blog)
http://blog.druggo.org/ |
|
Back to top |
|
|
fturco Veteran
Joined: 08 Dec 2010 Posts: 1181 Location: Italy
|
Posted: Thu Jun 19, 2014 3:30 pm Post subject: |
|
|
Thank you! Unsetting the setuid fixes the problem!
Edit: reinstalling the gnome-keyring package causes the setuid bit to be enabled again. I filed a bug report: https://bugs.gentoo.org/show_bug.cgi?id=513870. |
|
Back to top |
|
|
druggo Apprentice
Joined: 24 Sep 2003 Posts: 289 Location: Hangzhou, China
|
Posted: Mon Jun 23, 2014 1:31 pm Post subject: |
|
|
Oh, I'm lucky that caps enabled by default _________________ HighWayToHell(blog)
http://blog.druggo.org/ |
|
Back to top |
|
|
fturco Veteran
Joined: 08 Dec 2010 Posts: 1181 Location: Italy
|
Posted: Sun Jun 29, 2014 11:14 am Post subject: |
|
|
Bug 513870 has been fixed. I marked this thread as solved. |
|
Back to top |
|
|
|