You are not logged in.

#1 2017-05-27 07:00:36

MilanKnizek
Member
Registered: 2005-12-13
Posts: 88

[SOLVED] Gnome keyring does not unlock anymore

A few days/weeks ago (probably after some of the system upgrades), the Gnome keyring asks for a password after login, while in the past it was open automatically by PAM.

$ grep -r pam_gnome_keyring.so /etc/pam.* 
/etc/pam.d/system-login:auth      optional  pam_gnome_keyring.so
/etc/pam.d/system-login:session   optional  pam_gnome_keyring.so auto_start
/etc/pam.d/passwd:password	optional	pam_gnome_keyring.so
/etc/pam.d/gdm-autologin:auth     optional  pam_gnome_keyring.so
/etc/pam.d/gdm-autologin:session  optional  pam_gnome_keyring.so auto_start
/etc/pam.d/gdm-password:auth     optional  pam_gnome_keyring.so
/etc/pam.d/gdm-password:password optional  pam_gnome_keyring.so use_authtok
/etc/pam.d/gdm-password:session  optional  pam_gnome_keyring.so auto_start
/etc/pam.d/gdm-pin:auth     optional  pam_gnome_keyring.so
/etc/pam.d/gdm-pin:password optional  pam_gnome_keyring.so use_authtok
/etc/pam.d/gdm-pin:session  optional  pam_gnome_keyring.so auto_start

'/etc/pam.d/gdm-password' is the default as provided by package:

auth     include   system-local-login
auth     optional  pam_gnome_keyring.so

account  include   system-local-login

password include   system-local-login
password optional  pam_gnome_keyring.so use_authtok

session  optional  pam_keyinit.so force revoke
session  include   system-local-login
session  optional  pam_gnome_keyring.so auto_start

Since I use GDM, the default keyring is supposed to be named "login" to be automatically unlocked. Seahorse shows keyring name "Login", but the file seems to be named correctly '$HOME/.local/share/keyrings/login.keyring'.

Any idea how to debug it? I use a pretty long password and retyping it several types (login, keyring, keepass) drives me crazy...

Last edited by MilanKnizek (2017-05-27 07:25:44)


--
Milan Knizek
http://knizek.net

Offline

#2 2017-05-27 07:25:28

MilanKnizek
Member
Registered: 2005-12-13
Posts: 88

Re: [SOLVED] Gnome keyring does not unlock anymore

Well, I gave up too early before trying all options.

The problem is solved by removing the "pam_gnome_keyring.so" lines from /etc/pam.d/system-login, which I added there some time in the past to make the Gnome keyring work in a different environment.

This file got sourced (indirectly) by /etc/pam.d/gdm-password, which ended up with two instances of 'pam_gnome_keyring.so'. I do not know why this is problematic now and was okay few weeks ago, but problem is solved now.


--
Milan Knizek
http://knizek.net

Offline

Board footer

Powered by FluxBB