Secret Service: Difference between revisions
m add discover_other_daemon log messages |
mNo edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 62: | Line 62: | ||
== Secret portal == | == Secret portal == | ||
'''[https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal.Secret.html Secret portals]''' are portals in the XDG Desktop Portal specification, which allows applications to get a per-application master secret. I ([[User:Axka|axka]]) don't know of any applications requiring this, and to my knowledge the only provider is GNOME Keyring, which can be added to <code>xdg.portal.extraPortals</code> in Home Manager | '''[https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal.Secret.html Secret portals]''' are portals in the XDG Desktop Portal specification, which allows applications to get a per-application master secret. I ([[User:Axka|axka]]) don't know of any applications requiring this, and to my knowledge the only provider is GNOME Keyring, which can be added to <code>xdg.portal.extraPortals</code> in Home Manager. NixOS enables this automatically when GNOME Keyring is enabled. Adding <code>gnome-keyring</code> will also add XDG autostart definitions, but unless you have <code>gnome-keyring</code> installed on NixOS, they won't be enabled (i.e. <code>/run/wrappers/bin/gnome-keyring-daemon</code> won't work). | ||
== Auto-decrypt on login == | == Auto-decrypt on login == | ||
The NixOS module for GNOME Keyring enables its PAM module automatically via {{nixos:option|security.pam.services.*.enableGnomeKeyring}}. The equivalent for KDE Wallet is {{nixos:option|security.pam.services.*.kwallet.enable}}. | The NixOS module for GNOME Keyring enables its PAM module automatically via {{nixos:option|security.pam.services.*.enableGnomeKeyring}}, however the Home Manager module does not and as such you should add the following code to your NixOS configuration: | ||
{{file|/etc/nixos/configuration.nix|nix|<nowiki> | |||
security.pam.services.login.enableGnomeKeyring = true; | |||
</nowiki>}} | |||
The equivalent for KDE Wallet is {{nixos:option|security.pam.services.*.kwallet.enable}}. | |||
Usually you want to configure the <code>login</code> service, but <code>greetd</code>, <code>su</code> and <code>sshd</code> are also available. GDM and LightDM can be configured with <code>login</code>, while greetd cannot ({{issue|357201}}). | Usually you want to configure the <code>login</code> service, but <code>greetd</code>, <code>su</code> and <code>sshd</code> are also available. GDM and LightDM can be configured with <code>login</code>, while greetd cannot ({{issue|357201}}). | ||
| Line 84: | Line 89: | ||
=== <code>discover_other_daemon: 0</code> with <code>--start</code> === | === <code>discover_other_daemon: 0</code> with <code>--start</code> === | ||
This error happens when a | This error happens when a <code>gnome-keyring-daemon</code> process with the <code>--start</code> flag either could not send <code>GKD_CONTROL_OP_INITIALIZE</code> to a control socket or got a failing result. | ||
=== <code>discover_other_daemon: 1</code> with <code>--start</code> === | === <code>discover_other_daemon: 1</code> with <code>--start</code> === | ||
This log message gets printed when a | This log message gets printed when a <code>gnome-keyring-daemon</code> process with the <code>--start</code> flag successfully sent <code>GKD_CONTROL_OP_INITIALIZE</code> to a control socket. | ||
[[Category:Desktop]] | [[Category:Desktop]] | ||