View previous topic :: View next topic |
Author |
Message |
r7l Tux's lil' helper
Joined: 16 Feb 2019 Posts: 89
|
Posted: Mon May 22, 2023 11:02 pm Post subject: [SOLVED] Gnome Keyring lost GPG support after update |
|
|
Hello,
after a recent update, i've lost GPG support in Gnome Keyring. There was a minor update of gnome-keyring but it was only from gnome-keyring-42.1-r1 to gnome-keyring-42.1-r2. The keys are still there and i can see them with Seahorse but i need to enter a password every time i want to use those keys. It was working without this password popup before.
After some digging i've noted that the environment variable "GPG_AGENT_INFO" is missing now. I have another system where i haven't done the updates yet and the variable is set there and everything is working as expected. Anyone knows where this variable is set in Gentoo? I am currently assuming this might be the cause.
Thanks in advance for any help.
Last edited by r7l on Fri Jun 02, 2023 1:44 pm; edited 2 times in total |
|
Back to top |
|
|
sam_ Developer
Joined: 14 Aug 2020 Posts: 1707
|
Posted: Tue May 23, 2023 2:32 am Post subject: |
|
|
Do you have USE=gnome-keyring set on sys-auth/pambase? |
|
Back to top |
|
|
r7l Tux's lil' helper
Joined: 16 Feb 2019 Posts: 89
|
Posted: Tue May 23, 2023 8:41 am Post subject: |
|
|
Yes i have. This hasn't changed and sys-auth/pambase hasn't been updated or reinstalled for almost a year.
When doing a grep over /etc/pam.d i can see this:
Code: | /etc/pam.d/gdm-autologin:auth optional pam_gnome_keyring.so
/etc/pam.d/gdm-autologin:session optional pam_gnome_keyring.so auto_start
/etc/pam.d/gdm-fingerprint:auth optional pam_gnome_keyring.so
/etc/pam.d/gdm-fingerprint:session optional pam_gnome_keyring.so auto_start
/etc/pam.d/gdm-password:auth optional pam_gnome_keyring.so
/etc/pam.d/gdm-password:password optional pam_gnome_keyring.so use_authtok
/etc/pam.d/gdm-password:session optional pam_gnome_keyring.so auto_start
/etc/pam.d/gdm-smartcard:auth optional pam_gnome_keyring.so
/etc/pam.d/gdm-smartcard:session optional pam_gnome_keyring.so auto_start
/etc/pam.d/passwd:password optional pam_gnome_keyring.so use_authtok
|
This is identical on both of my systems.
I also have identical /etc/gnupg/gpg-agent.conf files on both systems. They only contain the default:
Code: | default-cache-ttl 600 |
Other then that there is no additional configuration in ~/.gnupg
Both systems are mostly identical as one is my stationary desktop while the other one is my laptop. |
|
Back to top |
|
|
r7l Tux's lil' helper
Joined: 16 Feb 2019 Posts: 89
|
Posted: Fri Jun 02, 2023 1:45 pm Post subject: |
|
|
The situation resolved itself. There were a couple changes with new keyring USE flags recently and i've updated them accordingly. It does work as before again. |
|
Back to top |
|
|
sunox Tux's lil' helper
Joined: 26 Jan 2022 Posts: 136
|
Posted: Sun Jun 25, 2023 6:06 pm Post subject: |
|
|
Could you please describe what you did to get it working again? I believe I am facing the same problem. In trying to find a solution I noticed the new 'keyring' use flag for pinentry which I have enabled. |
|
Back to top |
|
|
r7l Tux's lil' helper
Joined: 16 Feb 2019 Posts: 89
|
Posted: Mon Jun 26, 2023 9:13 pm Post subject: |
|
|
I haven't done much except for setting USE flags accordingly / selectively where i need it. There are still packages using gnome-keyring while others have keyring. Like sys-auth/pambase which still has gnome-keyring and app-crypt/pinentry only has keyring. I am not even sure if both always meant to be for the same thing.
Other then that i have not changed much. No local gnupg settings apart from defaults in /etc/gnupg. But i have to admit that it's still not working perfectly. I always have to manually trigger SSH keys once after boot. I am not able to login with scripts (like Ansible) right away to run stuff remotely without spinning up a terminal and SSH somewhere first. After that, it works as expected for the rest of the session and doesn't even matter if it would be a different SSH key for different hosts. All of them work once i've used one of them. |
|
Back to top |
|
|
sunox Tux's lil' helper
Joined: 26 Jan 2022 Posts: 136
|
Posted: Tue Jun 27, 2023 3:42 pm Post subject: |
|
|
Thanks for the response.
I added the 'keyring' USE for qtkeychain which seems to enable Nextcloud to make use of the keyring. It seems that gpg is able to make use of the keyring now without me doing anything? ¯\_(ツ)_/¯ Who knows! Anyway thank you again. |
|
Back to top |
|
|
|