You are not logged in.

#1 2021-06-15 12:26:17

mane.andrea
Member
Registered: 2021-04-29
Posts: 8

gnome-keyring randomly re-locks

I am using gnome-keyring and I unlock it at login with sddm by setting its password to be the same as my user's password.
It works as expected but, after some times, the keyring re-locks again. I can just re-unlock it with the password, but I want to find a proper solution.

I cannot pinpoint when/why it happens because I typically notice it a lot later, when I try to use some app that queries the keyring.

In the journal I don't find anything strange, here is the result of grepping gnome

$ journalctl -b | grep gnome
Jun 15 08:28:23 phy-nordri audit[601]: USER_AUTH pid=601 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_shells,pam_faillock,pam_permit,pam_faillock,pam_gnome_keyring acct="andrea" exe="/usr/lib/sddm/sddm-helper" hostname=? addr=? terminal=? res=success'
Jun 15 08:28:23 phy-nordri kernel: audit: type=1100 audit(1623738503.203:69): pid=601 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_shells,pam_faillock,pam_permit,pam_faillock,pam_gnome_keyring acct="andrea" exe="/usr/lib/sddm/sddm-helper" hostname=? addr=? terminal=? res=success'
Jun 15 08:28:23 phy-nordri kernel: audit: type=1103 audit(1623738503.206:71): pid=601 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_shells,pam_faillock,pam_permit,pam_faillock,pam_gnome_keyring acct="andrea" exe="/usr/lib/sddm/sddm-helper" hostname=? addr=? terminal=? res=success'
Jun 15 08:28:23 phy-nordri audit[601]: CRED_ACQ pid=601 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_shells,pam_faillock,pam_permit,pam_faillock,pam_gnome_keyring acct="andrea" exe="/usr/lib/sddm/sddm-helper" hostname=? addr=? terminal=? res=success'
Jun 15 08:28:23 phy-nordri sddm-helper[601]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
Jun 15 08:28:23 phy-nordri audit[601]: USER_START pid=601 uid=0 auid=1000 ses=2 msg='op=PAM:session_open grantors=pam_keyinit,pam_loginuid,pam_keyinit,pam_limits,pam_unix,pam_permit,pam_mail,pam_systemd,pam_env,pam_kwallet5,pam_gnome_keyring acct="andrea" exe="/usr/lib/sddm/sddm-helper" hostname=? addr=? terminal=:0 res=success'
Jun 15 13:57:56 phy-nordri gnome-keyring-daemon[1241669]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory
Jun 15 13:57:56 phy-nordri gnome-keyring-d[1241669]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory
Jun 15 13:57:56 phy-nordri dbus-daemon[624]: [session uid=1000 pid=624] Activating service name='org.gnome.keyring.SystemPrompter' requested by ':1.175' (uid=1000 pid=1241669 comm="/usr/bin/gnome-keyring-daemon --start --foreground")
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: bus acquired: org.gnome.keyring.SystemPrompter
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: bus acquired: org.gnome.keyring.PrivatePrompter
Jun 15 13:57:56 phy-nordri dbus-daemon[624]: [session uid=1000 pid=624] Successfully activated service 'org.gnome.keyring.SystemPrompter'
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: acquired name: org.gnome.keyring.SystemPrompter
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: received BeginPrompting call from callback /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: preparing a prompt for callback /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: acquired name: org.gnome.keyring.PrivatePrompter
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:57:56 phy-nordri gcr-prompter[1241676]: Gcr: starting password prompt for callback /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: completed password prompt for callback :1.175@/org/gnome/keyring/Prompt/p2
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: calling the PromptReady method on /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: returned from the PromptReady method on /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: received PerformPrompt call from callback /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: stopping prompting for operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: couldn't find the callback for prompting operation /org/gnome/keyring/Prompt/p2@:1.175
Jun 15 13:58:09 phy-nordri gcr-prompter[1241676]: Gcr: calling the PromptDone method on /org/gnome/keyring/Prompt/p2@:1.175, and ignoring reply
Jun 15 13:58:10 phy-nordri gnome-keyring-daemon[1241669]: asked to register item /org/freedesktop/secrets/collection/login/2, but it's already registered
Jun 15 13:58:10 phy-nordri gnome-keyring-d[1241669]: asked to register item /org/freedesktop/secrets/collection/login/2, but it's already registered
Jun 15 13:58:10 phy-nordri gnome-keyring-daemon[1241669]: asked to register item /org/freedesktop/secrets/collection/login/1, but it's already registered
Jun 15 13:58:10 phy-nordri gnome-keyring-d[1241669]: asked to register item /org/freedesktop/secrets/collection/login/1, but it's already registered

(I use KDE and gnome-keyring is the only gnome app I have. Why you ask? Because skype-for-linux only works with gnome-keyring)


My pam configuration file is:

$ cat /etc/pam.d/sddm
#%PAM-1.0

auth            include         system-login
-auth           optional        pam_kwallet5.so
auth            optional        pam_gnome_keyring.so

account         include         system-login

password        include         system-login

session         optional        pam_keyinit.so force revoke
session         include         system-login
-session        optional        pam_kwallet5.so auto_start
session         optional        pam_gnome_keyring.so auto_start

I have made sure that the keyring is not initialized by any other pam module, and to confirm that, at login, calling

$ ps -A | grep gnome

only gives one instance.

Last edited by mane.andrea (2021-06-17 21:30:25)

Offline

Board footer

Powered by FluxBB