Mailinglist Archive: opensuse-bugs (4069 mails)

< Previous Next >
[Bug 710038] Xfce should setup/start/configur gnome-keyring in the same way GNOME does

https://bugzilla.novell.com/show_bug.cgi?id=710038

https://bugzilla.novell.com/show_bug.cgi?id=710038#c2


--- Comment #2 from Guido Berhörster <gber@xxxxxxxxxxxx> 2011-08-09 10:21:06
UTC ---
The current situation is a bit complicated, having gnome-keyring automatically
unlocked on login involves a startup process in two steps, first it must be
started and unlocked via the PAM module on login and after that the desired
components (e.g. gpg-/shh-agent functionality) need to be initialized again and
certain environment variables need to be set for the session. Details are at
http://live.gnome.org/GnomeKeyring/RunningDaemon.

The main problem with the current Xfce desktop is that these environment
variables are not properly set if GNOME-compatibility mode is disabled.
Because the components of gnome-keyring are initialized from desktop files in
/etc/xdg/autostart the environment variables printed to stdout are simply lost.
When using GNOME, gnome-keyring passes the environment variables via DBus to
gnome-session, Xfce however doesn't implement that DBus interface and the only
way to get these environment variables is enabling the GNOME-compatibility mode
in xfce4-session which will run gnome-keyring --start again, capture its output
and set the environment variables accordingly. This has two unwanted
side-effects, gnome-keyring --start seems to enable all of gnome-keyring's
components making it impossible to selectively disable components by modifying
the corresponding autostart files and of course xfce4-session's
GNOME-compatibility mode will also start everything in /etc/xdg/autostart which
is marked OnlyShowIn=GNOME.

A separate but related problem affects the usage of plain GPG/SSH-agents
without gnome-keyring. gpg-agent which can also provides ssh-agent
functionality is started twice by default, first in /etc/X11/xdm/sys.xsession
and later again in /etc/xdg/xfce4/xinitrc and that even if the gpg-agent
functionality of gnome-keyring is used. /etc/X11/xdm/sys.xsession will not try
to start ssh-agent if gnome-keyring is already running (although a running
gnome-keyring does not necessarily imply that ssh-agent functionality will be
provided because that could be disabled). /etc/X11/xdm/sys.xsession will
however unconditionally start either seahorse-agent if seahorse is installed
and the session is GNOME (although it would be perfectly fine to use with Xfce)
or fall back to gpg-agent if installed. When gnome-keyring provides gpg-agent
functionality this results in a useless seahorse-/gpg-agent process running in
the session and is also inconsistent with how ssh-agent is handled.
/etc/xdg/xfce4/xinitrc then does not detect an already running gpg-agent and
starts yet another instance of gpg-agent with ssh-agent functionality (which
may also be potentially useless if the corresponding gnome-keyring
functionality is enabled) and thereby breaks the usage of plain ssh-/gpg-agent.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
< Previous Next >
References