linux (SecretService DBus API) not available
awwong1 opened this issue · comments
Hi! Cool project.
I'm getting stuck at authorizing my client. Any advice?
$ keys auth
timed out waiting for pid$ keys --version
keys version 0.0.36 32283ad6227383e43213e6062fb8de35889e5ce7 2020-04-24T03:20:44Z
$ uname -a
Linux mbp13 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 GNU/Linux
EDIT: I currently have my CPUs limited, but I don't know if this should be a blocker to authorizing the client.
$ cpufreq-info
cpufrequtils 008: cpufreq-info (C) Dominik Brodowski 2004-2009
Report errors and bugs to cpufreq@vger.kernel.org, please.
analyzing CPU 0:
driver: intel_pstate
CPUs which run at the same hardware frequency: 0
CPUs which need to have their frequency coordinated by software: 0
maximum transition latency: 4294.55 ms.
hardware limits: 500 MHz - 3.40 GHz
available cpufreq governors: performance, powersave
current policy: frequency should be within 500 MHz and 1.20 GHz.
The governor "powersave" may decide which speed to use
within this range.
current CPU frequency is 891 MHz.
...
What happens if you run keysd?
(keys is the cli client which starts and connects to keysd)
$ keysd
INFO[2020-04-27T16:22:59.154550803-06:00] Version: 0.0.36 32283ad6227383e43213e6062fb8de35889e5ce7 2020-04-24T03:20:50Z
INFO[2020-04-27T16:22:59.154643834-06:00] Log level: info
INFO[2020-04-27T16:22:59.154801586-06:00] Keyring (system)
The name org.freedesktop.secrets was not provided by any .service filesLooks like its having problems connecting to the SecretService DBus API on linux. Maybe it's not available on your system?
You can try setting keys to use the filesystem for the keyring. It's not as secure but maybe worth a try if you don't want to wait:
keys config set keyring fs
Can you give me more details on what linux distro and desktop you are using. I can try to replicate for your environment.
Sure!
I'm running Debian 10.3 buster, on a MacBook Pro (early 2015, 13-inch). All of my packages are up to date. What additional details would you need?
$ cat /etc/apt/sources.list
# deb cdrom:[Debian GNU/Linux 10.3.0 _Buster_ - Official amd64 NETINST 20200208-12:07]/ buster main
deb http://deb.debian.org/debian/ buster main
deb-src http://deb.debian.org/debian/ buster main
# deb http://deb.debian.org/debian/ testing main
# deb-src http://deb.debian.org/debian/ testing main
deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main
# deb http://security.debian.org/debian-security testing-security main
# deb-src http://security.debian.org/debian-security testing-security main
# buster-updates, previously known as 'volatile'
deb http://deb.debian.org/debian/ buster-updates main
deb-src http://deb.debian.org/debian/ buster-updates main
# buster-backports, software taking from the next release and recompiled for stable
deb http://deb.debian.org/debian/ buster-backports main
deb-src http://deb.debian.org/debian/ buster-backports main
# deb http://deb.debian.org/debian/ testing-updates main
# deb-src http://deb.debian.org/debian/ testing-updates main
# This system was installed using small removable media
# (e.g. netinst, live or single CD). The matching "deb cdrom"
# entries were disabled at the end of the installation process.
# For information about how to configure apt package sources,
# see the sources.list(5) manual.
deb [arch=amd64] https://download.docker.com/linux/debian buster stable
#deb-src [arch=amd64] https://download.docker.com/linux/debian buster stable
I saw that 0.0.37 of keys has just been published, but I'm still getting the same error as before:
alexander@mbp13:~$ keys auth
timed out waiting for pid
alexander@mbp13:~$ keysd
INFO[2020-04-27T19:44:55.191130719-06:00] Version: 0.0.37 94fbb29ea6c89c95093d8cb743405b507a94f056 2020-04-28T01:12:25Z
INFO[2020-04-27T19:44:55.191263011-06:00] Log level: info
INFO[2020-04-27T19:44:55.191490928-06:00] Keyring (system)
The name org.freedesktop.secrets was not provided by any .service files
If I use the filesystem for the keyring I don't get the timeout, but I'm not familiar enough with the details to know how insecure this approach is.
Oh I remember, on linux the keyring depends on the gnome keyring package with a default login collection: https://github.com/zalando/go-keyring#linux
You may need to run sudo apt install gnome-keyring and you may need to create a login keyring if it doesn't exist.
This is not ideal though, as the app should be able to detect this, so will try to get to a fix in the next week or so.
Using the filesystem keyring is as secure as the strength of your password+salt (an encryption key is derived from it).
BTW if you want to switch back to system keyring, use keys config set keyring "" to reset back to default.
Ah that makes sense!
I am running KDE and do not have gnome-keyring.
$ apt list --installed *keyring*
Listing... Done
debian-archive-keyring/stable,stable,now 2019.1 all [installed]
debian-keyring/stable,stable,now 2019.02.25 all [installed]
python3-keyring/stable,stable,now 17.1.1-1 all [installed,automatic]
python3-keyrings.alt/stable,stable,now 3.1.1-1 all [installed,automatic]Thank you for your time @gabriel. I'll leave this issue open for your fix, but enough workarounds have been suggested for me to play around with this.