Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 829956

Summary: gnome-base/gnome-keyring-40.0: cannot start from sys-apps/dbus if compiled with caps
Product: Gentoo Linux Reporter: Viorel Munteanu <ceamac>
Component: Current packagesAssignee: Gentoo Linux Gnome Desktop Team <gnome>
Status: UNCONFIRMED ---    
Severity: normal CC: jstein, sam
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Viorel Munteanu gentoo-dev 2021-12-25 10:49:08 UTC 
If compiled with USE=caps, trying to start org.freedesktop.secrets.service results in a timeout.  Trying the command by hand gives this:

$ usr/bin/gnome-keyring-daemon --start --foreground --components=secrets
SSH_AUTH_SOCK=/run/user/1001/keyring/ssh

** (gnome-keyring-daemon:15495): WARNING **: 12:32:58.574: Couldn't connect to session bus: Cannot spawn a message bus when setuid

gnome-keyring is not actually setuid, but it has cap_ipc_lock=ep.

As a workaround, if I compile with USE="filecaps -caps" it works, I suppose because it cannot check file caps and is still not setuid.  But this basically disables a security check.

I think other distributions have this solved from dbus instead, so maybe this bug belongs there.