26

Whenever I log in on Ubuntu Lucid Lynx 10.04 I get a Seahorse/gnome-keyring prompt telling me an application wants to access my keyring. It isn't the network manager, because if I cancel the request my network connection is still established (also, this only started happening recently). How can I tell which application is making this request? The prompt doesn't provide this information.

Improve this question
6
  • This isn't an answer really but for me this turned out to be the network manager applet wanting to get my wifi key. Commented Sep 16, 2010 at 12:30
  • I have a different question related to auth at superuser.com/questions/189204/…, I'll appreciate a response there if anyone handling this question has any ideas. Commented Sep 20, 2010 at 4:06
  • 2
    Same question at askubuntu.com/questions/21645/… Commented Jan 27, 2011 at 14:39
  • if you are connecting to "open wireless" or a wired network, it wants the keyring but doesn't NEED it. check the proof video over on askubuntu. in my case I am SURE it's nm-applet. Commented Jan 30, 2011 at 12:08
  • the upstream bug is logged at bugzilla.gnome.org/show_bug.cgi?id=574315 - I've requested comments from the developers here Commented Jan 31, 2011 at 10:00

3 Answers 3

Reset to default
6

From a security perspective, the answer is that in current distros you can't tell which application it is. See this bug report for clarification from a gnome-keyring developer, including the security implications and scope of the task.

From a practical perspective I am also using auto-login on Ubuntu, and it seems that it is indeed nm-applet.

Improve this answer
2
  • I grasp the security implications and the difficulty the developers of gnome-keyring have in identifying the caller for keychain access. My proposed solution is to offload the work onto the application that uses keyring. For example, if your app wants access to the keyring it should emit a dialog stating something to the effect of "/me wants access to the keyring". This removes the need for an API change that would break current functionality and keeps devs of the keyring from getting overwhelmed. Just thoughts. Commented Feb 7, 2011 at 15:10
  • An alternate workaround is to create an empty default-keyring and force the user to switch between keyrings if they MUST have autologin AND a keyring without a hassle box. Commented Feb 7, 2011 at 15:18
3

I setup my box for auto-login and it does this on every login. In my case it's nm-applet/network-manager family of apps.

Edit: btw the problem has been around for some time, evidently some half-fix got undone during a package upgrade, but i digress...one solution is here

WHATEVER is causing the problem you could add after login but before everything else: a script with libpam-gnome-keyring to unlock it...the package to get this tool is: libpam-gnome-keyring at least in 11.04 

#!/bin/bash #launch useful stuff for gnome #first unlock the default keyring... echo YOUR_PASSWORD_HERE | /usr/libexec/pam-keyring-tool -u -s #then run nm-applet in the background... nm-applet &

Proof video that it is nm-applet is here

Improve this answer
1

You could try to have a look at the logfiles :-)

  1. Maybe something is in /var/log/auth.log after a wrong password.

  2. Check your autostart applications under System -> Preferences -> Sessions -> Startup Programs and ~/.config/autostart

  3. Check the running processes with top and ps aux, check the process tree of ps axjf

It should be pretty simple to figure out which process requires your keyring?

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.