When upgrading to =dev-libs/glib-2.70.0 one may realize that the gnome-keyring-daemon is no longer able to use the Passwords stores, which contains Login and Default keyrings. Reverting to =dev-libs/glib-2.68.4 fixes the problem for gnome-keyring-daemon and seahorse can also see the Passwords store. Reproducible: Always Steps to Reproduce: 1. Upgrade to =dev-libs/glib-2.70.0 2. Restart gnome-keyring-daemon 3. Observe how your Passwords store is no longer available nor visible in seahorse Actual Results: no stored passwords can be used Expected Results: stored passwords can be used XFCE4 DE Chromium slow to start No application is able to see the Passwords store While using =dev-libs/glib-2.70.0, gnome-keyring-daemon is complaining about: couldn't connect to dbus session bus: Cannot spawn a message bus when setuid Some references (*1) mention that if you compile dbus with 'user-session' flag on, it may work with glib-2.70.0, however, I have not yet tested this: *1: https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1789441.html
Installing =dev-libs/glib-2.70.0 with recompiled sys-apps/dbus[+user-session] does not fix the problem on openRC system.
same problem, temporarily downgrade glib and glib-networking helps me.
Please try USE=-caps on gnome-keyring only and report back. If that helps, I think we can just remove the USE flag to match what Fedora did to fix this, but I can't test tonight myself.
Recompiling gnome-keyring with USE=-caps fixes the issue for me.
Recompiling gnome-keyring with USE=-caps helps me. thanks.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2a3e929650d327c5f57ec2f646b1cb749d60843 commit c2a3e929650d327c5f57ec2f646b1cb749d60843 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2021-09-29 12:11:13 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2021-09-29 12:11:13 +0000 gnome-base/gnome-keyring: drop IUSE=caps for compat with glib-2.70 Always disable libcap-ng dependency. Drop cap_ipc_lock capability setting that was needed for libcap-ng case, but does not work right with glib-2.70 stricter security checks. This unbreaks the dbus service when ran with glib-2.70 or later. This matches what was done in Fedora and Debian for the time being (they had always built with our equivalent of USE=caps) to fix the compatibility. There must be enough memlock limit (RLIMIT_MEMLOCK) for this to work afterwards, however when it doesn't, it fallbacks to arguably less secure malloc (the memory could be swapped out) and doesn't lose actual functionality. This was the case already with larger keyrings, and thus not a security regression in practice. If you want extra security, encrypt your swap. Further technical details were discussed in: https://gitlab.gnome.org/GNOME/gnome-keyring/-/issues/77 https://gitlab.gnome.org/GNOME/gnome-keyring/-/merge_requests/41 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1862 https://gitlab.gnome.org/GNOME/glib/-/issues/2316 Bug: https://bugs.gentoo.org/815154 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Mart Raudsepp <leio@gentoo.org> .../gnome-keyring/gnome-keyring-40.0-r1.ebuild | 79 ++++++++++++++++++++++ 1 file changed, 79 insertions(+)
Thanks, the new -r1 ebuild works here too.
I have struggled with evolution that couldn't connect to gnome-keyring and finally go the way to downgrade glib and glib-networking and that solve it. I decide to open a bug and finish here ! So I go to full upgrade with gnome-keyring-40.0-r1.ebuild and I confirm that is working like a charm. Thanks !
After upgrading to gnome-keyring-40.0-r1.ebuild, my keyring stopped working. I now get from gnome-keyring-daemon: > gnome-keyring-daemon[14275]: Couldn't connect to session bus: Cannot spawn a message bus when setuid Any hint, I can do against that?
Got it working with setcap -r /usr/bin/gnome-keyring-daemon But why is /usr/bin/gnome-keyring-daemon setcap? I thought the caps useflag has been removed.
*** Bug 829956 has been marked as a duplicate of this bug. ***
