Mailinglist Archive: opensuse-bugs (4069 mails)

< Previous Next >
[Bug 710038] Xfce should setup/start/configur gnome-keyring in the same way GNOME does

--- Comment #2 from Guido Berhörster <gber@xxxxxxxxxxxx> 2011-08-09 10:21:06
UTC ---
The current situation is a bit complicated, having gnome-keyring automatically
unlocked on login involves a startup process in two steps, first it must be
started and unlocked via the PAM module on login and after that the desired
components (e.g. gpg-/shh-agent functionality) need to be initialized again and
certain environment variables need to be set for the session. Details are at

The main problem with the current Xfce desktop is that these environment
variables are not properly set if GNOME-compatibility mode is disabled.
Because the components of gnome-keyring are initialized from desktop files in
/etc/xdg/autostart the environment variables printed to stdout are simply lost.
When using GNOME, gnome-keyring passes the environment variables via DBus to
gnome-session, Xfce however doesn't implement that DBus interface and the only
way to get these environment variables is enabling the GNOME-compatibility mode
in xfce4-session which will run gnome-keyring --start again, capture its output
and set the environment variables accordingly. This has two unwanted
side-effects, gnome-keyring --start seems to enable all of gnome-keyring's
components making it impossible to selectively disable components by modifying
the corresponding autostart files and of course xfce4-session's
GNOME-compatibility mode will also start everything in /etc/xdg/autostart which
is marked OnlyShowIn=GNOME.

A separate but related problem affects the usage of plain GPG/SSH-agents
without gnome-keyring. gpg-agent which can also provides ssh-agent
functionality is started twice by default, first in /etc/X11/xdm/sys.xsession
and later again in /etc/xdg/xfce4/xinitrc and that even if the gpg-agent
functionality of gnome-keyring is used. /etc/X11/xdm/sys.xsession will not try
to start ssh-agent if gnome-keyring is already running (although a running
gnome-keyring does not necessarily imply that ssh-agent functionality will be
provided because that could be disabled). /etc/X11/xdm/sys.xsession will
however unconditionally start either seahorse-agent if seahorse is installed
and the session is GNOME (although it would be perfectly fine to use with Xfce)
or fall back to gpg-agent if installed. When gnome-keyring provides gpg-agent
functionality this results in a useless seahorse-/gpg-agent process running in
the session and is also inconsistent with how ssh-agent is handled.
/etc/xdg/xfce4/xinitrc then does not detect an already running gpg-agent and
starts yet another instance of gpg-agent with ssh-agent functionality (which
may also be potentially useless if the corresponding gnome-keyring
functionality is enabled) and thereby breaks the usage of plain ssh-/gpg-agent.

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.
< Previous Next >