Secret Service: Difference between revisions
mNo edit summary |
→Troubleshooting: Add a solution to fix an error where GNOME keyring daemon fails to spawn the SystemPrompter process |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 40: | Line 40: | ||
=== KeePassXC === | === KeePassXC === | ||
KeePassXC's Secret Service integration can be enabled by going into the | KeePassXC's Secret Service integration can be enabled by going into the '''Tools > Settings''', opening the ''Secret Service Integration'' tab and enabling it. | ||
This can be configured automatically by [[Home Manager]] configuration:{{file|||<nowiki> | |||
{ pkgs, ... }: | |||
{ | |||
programs.keepassxc = { | |||
autostart = true; | |||
enable = true; | |||
settings = { | |||
# For available settings, see https://github.com/keepassxreboot/keepassxc/blob/develop/src/core/Config.cpp | |||
FdoSecrets.Enabled = true; # Enable Secret Service Integration | |||
}; | |||
}; | |||
{{ | xdg.autostart.enable = true; # Enable creation of XDG autostart entries. | ||
} | |||
</nowiki>|name=home.nix|lang=nix}} | |||
If not using the {{Nixos:option|2=settings.FdoSecrets.Enabled = true}} one needs to configure for Secret Service integration by opening their settings '''Database > Database Settings...''', opening the ''Secret Service Integration'' tab and selecting a group for Secret Service entries. | |||
{{Warning|"Another secret service is running (...). Please stop/remove it before re-enabling the Secret Service Integration."}} | |||
If you see a warning like above, you need to find out which other service is currently registered:<syntaxhighlight lang="shell"> | |||
busctl --user status org.freedesktop.secrets | |||
</syntaxhighlight>If it's the Gnome Keyring Daemon, then it can be disabled by this configuration below:{{file|||<nowiki> | |||
{ config, pkgs, lib, ... }: | |||
{ | |||
services.gnome.gnome-keyring.enable = lib.mkForce false; | |||
} | |||
</nowiki>|name=/etc/nixos/configuration.nix|lang=nix}} | |||
=== pass-secret-service === | === pass-secret-service === | ||
| Line 86: | Line 111: | ||
This error happens when the PAM module can't find the daemon's control socket. Very likely it will start a daemon and retry the action which requires a daemon, and stop the daemon when the PAM session closes. | This error happens when the PAM module can't find the daemon's control socket. Very likely it will start a daemon and retry the action which requires a daemon, and stop the daemon when the PAM session closes. | ||
=== <code>gnome-keyring-daemon: couldn't create system prompt: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process org.gnome.keyring.SystemPrompter exited with status 1</code> === | |||
This error occurs when the GNOME Keyring daemon fails to spawn the SystemPrompter process (provided by the gcr package). This usually occurs due to D-Bus not having knowledge of the user's display environment. To fix this we must update the D-Bus environment once display is available. | |||
On X11 this can be fixed by setting the following option: | |||
{{File|3=services.xserver.updateDbusEnvironment = true;|name=/etc/nixos/configuration.nix|lang=nix}} | |||
OR | |||
Alternatively the following command can be run on display startup: | |||
{{Commands|$ dbus-update-activation-environment --systemd --all}} | |||
=== <code>discover_other_daemon: 0</code> with <code>--start</code> === | === <code>discover_other_daemon: 0</code> with <code>--start</code> === | ||