** Description changed:
- SRU Justification:
- Please see
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/2125590
+ [ Impact ]
- (same underlying bug, so I have not duplicated the SRU template here,
- just to prevent us from needing to modify it in multiple locations if
- more changes are needed)
+ On the very first user login, gnome-keyring is left in an inconsistent
+ state about whether the default keyring was created or not, and querying
+ the Secrets Service produces inconsistent results.
+ Applications trying to use the keyring to store secrets will fail to do
+ so, and break in various ways. One example is highlighted in bug
+ 2125590.
- I have ubuntu 24.04 and gnome-keyring
+ [ Test Plan ]
- apt policy gnome-keyring
- gnome-keyring:
- Installed: 46.1-2build1
- Candidate: 46.1-2build1
- Version table:
- *** 46.1-2build1 500
- 500 http://ua.archive.ubuntu.com/ubuntu noble/main amd64 Packages
- 100 /var/lib/dpkg/status
+ Here we will verify the general case.
+ For a real breakage scenario, see bug 2125590.
- When freshly created user logs in first time the login keyring created but it
is not visible in seahorse.
- In user's home files exist
+ 1. Create a new user
+ 2. Log-in with the user password
+ 3. Launch "Passwords and Keys"
+ 4. Verify that the "Login" keyring is listed in the sidebar
- myt@test-VirtualBox:~/.local/share/keyrings$ ll
- total 16
- drwx------ 2 myt myt 4096 May 9 15:36 ./
- drwx------ 11 myt myt 4096 May 9 15:36 ../
- -rw------- 1 myt myt 105 May 9 15:36 login.keyring
- -rw------- 1 myt myt 207 May 9 15:36 user.keystore
+ [ Where problems could occur ]
- I try to check via terminal is keyring is locked on first login and it
- gives me busctl --user get-property org.freedesktop.secrets
- /org/freedesktop/secrets/collection/login
- org.freedesktop.Secret.Collection Locked:
-
- Failed to get property Locked on interface
- org.freedesktop.Secret.Collection: Object does not exist at path
- “/org/freedesktop/secrets/collection/login”
-
- After I log out and then log in it gives:
- myt@test-VirtualBox:~$ busctl --user get-property org.freedesktop.secrets
/org/freedesktop/secrets/collection/login org.freedesktop.Secret.Collection
Locked
- b false
-
- I try to install Google Chrome browser from official website which uses
- keyring and it does not start in logs I see prompt which does not appear
- in screen. When user logs out and then logs in problem disappeared:
- Seahorse displays login keyring and Chrome starts successfully.
-
- Logs:
- May 09 15:37:19 test-VirtualBox dbus-daemon[533]: [system] Activating via
systemd: service name='org.bluez' unit='dbus-org.bluez.service' requested by
':1.1146' (uid=1003 pid=29505 comm="/opt/google/chrome/chrome" label="chrome
(unconfined)")
- May 09 15:37:19 test-VirtualBox systemd[1]: bluetooth.service - Bluetooth
service was skipped because of an unmet condition check
(ConditionPathIsDirectory=/sys/class/bluetooth).
- May 09 15:37:19 test-VirtualBox dbus-daemon[27983]: [session uid=1003
pid=27983] Activating service name='org.gnome.keyring.SystemPrompter' requested
by ':1.4' (uid=1003 pid=27984 comm="/usr/bin/gnome-keyring-daemon --foreground
--compo" label="unconfined")
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: bus acquired:
org.gnome.keyring.SystemPrompter
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: registering prompter
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: bus acquired:
org.gnome.keyring.PrivatePrompter
- May 09 15:37:19 test-VirtualBox dbus-daemon[27983]: [session uid=1003
pid=27983] Successfully activated service 'org.gnome.keyring.SystemPrompter'
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: acquired name:
org.gnome.keyring.SystemPrompter
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: received
BeginPrompting call from callback /org/gnome/keyring/Prompt/p3@:1.4
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: preparing a prompt
for callback /org/gnome/keyring/Prompt/p3@:1.4
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: creating new
GcrPromptDialog prompt
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: automatically
selecting secret exchange protocol
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: generating public
key
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: beginning the
secret exchange:
[sx-aes-1]\npublic=tOaQ3JOvQBNxL9ZgXnjLvXTkDduutPcB8BHaLAEPHjTrF+FCrKZbF+gJtzsUQL8LjaK6qQmzKUEhqmXgKFrHY64BijXpml3pUrWYADcfYTo8AzixXVVAcgyp2I7r5+gKNsNdu5tgZm1pMd/vY6xNcUqu4CrAFl4kSTHJkYupf77dZRY8WmoGRrEUHQHuMgCVNeE9xOLq4T36qej0gBmlDXUvPgVdZaORRZfKXoGz9SkPnhqd7+iFNO+FL2fsIJUQ\n
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: calling the
PromptReady method on /org/gnome/keyring/Prompt/p3@:1.4
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: acquired name:
org.gnome.keyring.PrivatePrompter
- May 09 15:37:19 test-VirtualBox gcr-prompter[29566]: Gcr: returned from the
PromptReady method on /org/gnome/keyring/Prompt/p3@:1.4
+ The patch impacts what happens when creating the login keyring, which may
happen on the first user-login with password or on the first time since
installing that an application tries to store secrets. It has no impact on
existing user installs, which minimizes the regression risk.
+ Problems may manifest for new users in the form of applications failing to
store secrets.
** Also affects: gnome-keyring (Ubuntu Questing)
Importance: Undecided
Status: New
** Also affects: gnome-keyring (Ubuntu Noble)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2065296
Title:
gnome-keyring missing login.keyring until first user login in seahorse
and Chrome on ubuntu 24.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-keyring/+bug/2065296/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
