Secret Service: Difference between revisions

Line 1:

[https://specifications.freedesktop.org/secret-service-spec/latest/ Secret Service] is an API on D-Bus to allow applications to store secrets securely.

'''[https://specifications.freedesktop.org/secret-service-spec/latest/ Secret Service]''' is an API on D-Bus to allow applications to store secrets securely.

== Providers ==

Line 60:

services.passSecretService.enable = true;

</nowiki>}}

== Secret portal ==

'''[https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal.Secret.html Secret portals]''' are portals in the XDG Desktop Portal specification, which allows applications to get a per-application master secret. I ([[User:Axka|axka]]) don't know of any applications requiring this, and to my knowledge the only provider is GNOME Keyring, which can be added to <code>xdg.portal.extraPortals</code> in Home Manager or NixOS. Adding <code>gnome-keyring</code> will also add XDG autostart definitions, but unless you have <code>gnome-keyring</code> installed on NixOS, they won't be enabled (i.e. <code>/run/wrappers/bin/gnome-keyring-daemon</code> won't work).

== Auto-decrypt on login ==

Line 73:

Line 76:

=== <code>gkr-pam: couldn't unlock the login keyring.</code> ===

This error happens when the PAM module, for some reason, can't unlock the login keyring. This may be for example because it can't connect to the daemon, which should have been started by the PAM module with the message <code>gkr-pam: gnome-keyring-daemon started properly</code>.

This error happens when the PAM module, for some reason, can't unlock the login keyring. This may be for example because it can't connect to the daemon, which should have been started by the PAM module with the message <code>gkr-pam: gnome-keyring-daemon started properly</code>. Try logging out and back in or restarting.

=== <code>gkr-pam: unable to locate daemon control file</code> ===

This error happens when the PAM module can't find the daemon's control socket. Very likely it will start a daemon and retry the action which requires a daemon.

This error happens when the PAM module can't find the daemon's control socket. Very likely it will start a daemon and retry the action which requires a daemon, and stop the daemon when the PAM session closes.

[[Category:Desktop]]

@@ Line 1: / Line 1: @@
-[https://specifications.freedesktop.org/secret-service-spec/latest/ Secret Service] is an API on D-Bus to allow applications to store secrets securely.
+'''[https://specifications.freedesktop.org/secret-service-spec/latest/ Secret Service]''' is an API on D-Bus to allow applications to store secrets securely.
 == Providers ==
@@ Line 60: / Line 60: @@
 services.passSecretService.enable = true;
 </nowiki>}}
+== Secret portal ==
+'''[https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal.Secret.html Secret portals]''' are portals in the XDG Desktop Portal specification, which allows applications to get a per-application master secret. I ([[User:Axka|axka]]) don't know of any applications requiring this, and to my knowledge the only provider is GNOME Keyring, which can be added to <code>xdg.portal.extraPortals</code> in Home Manager or NixOS. Adding <code>gnome-keyring</code> will also add XDG autostart definitions, but unless you have <code>gnome-keyring</code> installed on NixOS, they won't be enabled (i.e. <code>/run/wrappers/bin/gnome-keyring-daemon</code> won't work).
 == Auto-decrypt on login ==
@@ Line 73: / Line 76: @@
 === <code>gkr-pam: couldn't unlock the login keyring.</code> ===
-This error happens when the PAM module, for some reason, can't unlock the login keyring. This may be for example because it can't connect to the daemon, which should have been started by the PAM module with the message <code>gkr-pam: gnome-keyring-daemon started properly</code>.
+This error happens when the PAM module, for some reason, can't unlock the login keyring. This may be for example because it can't connect to the daemon, which should have been started by the PAM module with the message <code>gkr-pam: gnome-keyring-daemon started properly</code>. Try logging out and back in or restarting.
 === <code>gkr-pam: unable to locate daemon control file</code> ===
-This error happens when the PAM module can't find the daemon's control socket. Very likely it will start a daemon and retry the action which requires a daemon.
+This error happens when the PAM module can't find the daemon's control socket. Very likely it will start a daemon and retry the action which requires a daemon, and stop the daemon when the PAM session closes.
 [[Category:Desktop]]