Ethan Glasser-Camp <ethan.glasser.c...@gmail.com> writes:
Hi Ethan,
> Hi! I was using the Seahorse application to identify the user, host
> and port of each secret, but I did the same thing with M-x
> secrets-show-secrets and saw pretty much the same thing:
>
> ```
> [-] Login
> |-[+] Password for ’’ on ’gh:github.com’
> |-[-] root@black-diamond
> | |- password: *********************************** [Show
> password]
> | |- host: black-diamond
> | |- port: sudo
> | |- user: root
> | `- xdg:schema: org.freedesktop.Secret.Generic
> |-[+] Github API key for forge
> `-[-] root@black-diamond
> |- password: *********************************** [Show
> password]
> |- host: black-diamond
> |- port: sudo
> |- user: root
> `- xdg:schema: org.freedesktop.Secret.Generic
> [+] session
> ```
>
> Here's the same result using elisp directly:
>
> ```
> (secrets-item-path "Login" "root@black-diamond")
> "/org/freedesktop/secrets/collection/login/2"
>
> (secrets-get-item-properties
> "/org/freedesktop/secrets/collection/login/2")
> (("Locked") ("Attributes" ("host" "black-diamond") ("port" "sudo")
> ("user" "root") ("xdg:schema" "org.freedesktop.Secret.Generic"))
> ("Label" . "root@black-diamond") ("Type" .
> "org.freedesktop.Secret.Generic") ("Created" . 1663727104) ("Modified"
> . 1663727104))
>
> ;; I also wanted to check the other secret. I wasn't sure exactly what
> ID it was and since they both have the same label, I didn't think I
> could use `secrets-item-path`. I just tried guessing until I found it
> (secrets-get-item-properties
> "/org/freedesktop/secrets/collection/login/1")
> (("Locked") ("Attributes" ("host" "black-diamond") ("port" "sudo")
> ("user" "root") ("xdg:schema" "org.freedesktop.Secret.Generic"))
> ("Label" . "root@black-diamond") ("Type" .
> "org.freedesktop.Secret.Generic") ("Created" . 1663726391) ("Modified"
> . 1663726391))
> ```
>
> Thanks for your patience,
This looks proper, and both entries have the "user" property "root". So
they shouldn't be taken into account when searching for the user "ethan".
I suppose your password is taken from soewhere in the cache. Could you,
please, open a *new* Emacs session, and run there
--8<---------------cut here---------------start------------->8---
(setq auth-source-debug t
auth-source-save-behavior 'ask
secrets-debug t)
--8<---------------cut here---------------end--------------->8---
Then do your 'C-x C-f /sudo::'. You should be asked for the password,
and in the *Messages* there shall be something like (from my example)
--8<---------------cut here---------------start------------->8---
Secret Service session: /org/freedesktop/secrets/session/s11
auth-source-search: found 0 results (max 2305843009213693951) matching (:port
"sudo" :require (:port) :max 2305843009213693951)
auth-source-search: found 0 CACHED results matching (:port "sudo" :require
(:port) :max 2305843009213693951) [15 times]
Tramp: Opening connection for root@gandalf using sudo...
auth-source-search: found 0 results (max 1) matching (:max 1 :user "albinus"
:host "gandalf" :port "sudo" :require (:secret :user) :create t)
auth-source-search: found 0 results (max 1) matching (:max 1 :host "gandalf"
:port "sudo")
auth-source-search: CREATED 1 results (max 1) matching (:max 1 :user "albinus"
:host "gandalf" :port "sudo" :require (:secret :user) :create t)
Save auth info to secrets collection session? [y/n/N/?] y
secrets-create-item: wrote 1 new item to session
Saved new authentication information to session
--8<---------------cut here---------------end--------------->8---
And the new entry shall be in your "Login" collection.
> Ethan
Best regards, Michael.
