Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 563670 - gnome-base/gnome-keyring-3.16.0-r1: couldn't allocate secure memory to keep passwords and or keys from being written to the disk
Summary: gnome-base/gnome-keyring-3.16.0-r1: couldn't allocate secure memory to keep p...
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] GNOME (show other bugs)
Hardware: All Linux
: Normal normal with 2 votes (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-10-21 11:26 UTC by Pacho Ramos
Modified: 2019-01-02 05:18 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Pacho Ramos gentoo-dev 2015-10-21 11:26:38 UTC
I have always wondered about why this warning is shown:
couldn't allocate secure memory to keep passwords and or keys from being written to the disk

Googling a bit, it seems that maybe we are not setting the caps capabilities properly:
http://unix.stackexchange.com/questions/20451/gnome-keyring-daemon-couldnt-allocate-secure-memory

It looks like Arch is setting it to cap_ipc_lock=ep while we don't set the "ep" part :/
https://projects.archlinux.org/svntogit/packages.git/tree/trunk/gnome-keyring.install?h=packages/gnome-keyring
Comment 1 Pacho Ramos gentoo-dev 2015-10-21 11:29:40 UTC
Bleh, per this it looks like it's ok:
# getcap /usr/bin/gnome-keyring-daemon 
/usr/bin/gnome-keyring-daemon = cap_ipc_lock+ep


I don't know then why this message is shown :S
Comment 2 Alexander Tsoy 2015-10-21 22:13:59 UTC
You probably need to increase memlock limit. :)

$ ulimit -l
64
$ pwsafe -l
WARNING: pwsafe unable to use secure ram (need to be setuid root)
Enter passphrase for /home/xxx/.pwsafe.dat:
$ echo '@users        -       memlock       256' | sudo tee /etc/security/limits.d/memlock.conf
@users        -       memlock       256
(relogin)
$ ulimit -l
256
$ pwsafe -l
Enter passphrase for /home/xxx/.pwsafe.dat:
Comment 3 Alexander Tsoy 2015-10-22 06:17:12 UTC
No, I was wrong. Setting capabilities to cap_ipc_lock=ep should eliminate the need of increasing limits. =/
Comment 4 Amel Hodzic 2019-01-02 05:18:51 UTC
This still shows up.