Created attachment 348682 [details] gnome-keyring-3.6.3.ebuild.patch My rootfs does not support xattrs thus I'm not using capabilities. Porting to fcaps.eclass[1] changed permissions from -rwxr-xr-x 1 root root 1124064 май 17 16:38 /usr/bin/gnome-keyring-daemon to -rws--x--x 1 root root 1124064 май 17 16:54 /usr/bin/gnome-keyring-daemon This breaks kering (and most of desktop) since this service is not startable due to following error: ** Message: couldn't connect to dbus session bus: Unable to autolaunch when setuid ** Message: couldn't connect to dbus session bus: Unable to autolaunch when setuid Patch in attachment fixes this issue. [1] http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.6.3.ebuild?r1=1.1&r2=1.2
Hm and now I'm not sure about this report... Actually something changed (probably PAM configuration) and now it works if not suided... I'll try to dig further.
(In reply to Peter Volkov from comment #0) > Created attachment 348682 [details] > gnome-keyring-3.6.3.ebuild.patch Installing gnome-keyring-daemon as suid or with filecaps makes sense only if it was configured --with-libcap-ng: otherwise, it won't do anything with the capabilities which were granted to it AFAICT. So I think the correct solution is to do use caps && fcaps cap_ipc_lock usr/bin/gnome-keyring-daemon in pkg_postinst(). Could you check if that produces a working result on your system when building with USE="-caps -filecaps"?
Can you check with 3.8.x too?
+*gnome-keyring-3.12.2-r1 (23 Jun 2014) + + 23 Jun 2014; Alexandre Rostovtsev <tetromino@gentoo.org> + gnome-keyring-3.10.1.ebuild, gnome-keyring-3.12.0.ebuild, + gnome-keyring-3.12.2.ebuild, +gnome-keyring-3.12.2-r1.ebuild: + Apply cap_ipc_lock only if USE=caps, and never install gnome-keyring-daemon + as suid root since that breaks dbus activation (bug #513870, thanks to + Francesco Turco). Remove ancient libgnome-keyring pdepend, shouldn't be + needed now (bug #502434, thanks to Yaroslav Isakov).