Re: [Evolution] evolutio forgets my passwords every start

[Patrick O'Callaghan <poc usb ve>]

On Wed, 2012-03-07 at 14:07 +0000, Pete Biggs wrote:
> > ... and we're back. I updated my system and on logging in again Evo once
> > more asked me for my login password, which it had not done on the
> > earlier test (honest, guv).
> >
> > Back to the drawing board.
>
> I know you've said previously that you have two instances of
> gnome-keyring-daemon running - is that still the case?  Do you know when
> they are started?

Immediately after logging in, but before running Evo, I have:

23795 /usr/bin/gnome-keyring-daemon --daemonize --login

I run Evo, and get:

23795 /usr/bin/gnome-keyring-daemon --daemonize --login
24608 /usr/bin/gnome-keyring-daemon --start --foreground --components=secrets

In this instance (a fresh session but not a fresh boot), Evo didn't ask
for any passwords. Last time (a fresh boot and session) it did ask for
the login password.

> Do you have Gnome Keyring integrated into PAM?  I suspect the Gnome docs
> are the right place to go for info on this:
>
>  http://live.gnome.org/GnomeKeyring/Pam

Yes to everything. I did all the tests, and it's all good. I also now
have only a single login.keyring file (see recent posts about this).

For completeness, here's a comparison between the PAM config files for
KDM, which I use, and GDM, which I don't:

$ sdiff /etc/pam.d/kdm /etc/pam.d/gdm
#%PAM-1.0                                                       #%PAM-1.0
auth     [success=done ignore=ignore default=bad] pam_selinux   auth     [success=done ignore=ignore 
default=bad] pam_selinux
                                                              > auth       required    pam_succeed_if.so user 
!= root quiet
auth       required    pam_env.so                               auth       required    pam_env.so
auth       substack    system-auth                              auth       substack    system-auth
-auth       optional    pam_gnome_keyring.so                  | auth       optional    pam_gnome_keyring.so
auth       include     postlogin                                auth       include     postlogin
account    required    pam_nologin.so                           account    required    pam_nologin.so
account    include     system-auth                              account    include     system-auth
password   include     system-auth                              password   include     system-auth
session    required    pam_selinux.so close                     session    required    pam_selinux.so close
session    required    pam_loginuid.so                          session    required    pam_loginuid.so
session    optional    pam_console.so                           session    optional    pam_console.so
session    required    pam_selinux.so open                      session    required    pam_selinux.so open
session    optional    pam_keyinit.so force revoke              session    optional    pam_keyinit.so force 
revoke
session    required    pam_namespace.so                         session    required    pam_namespace.so
-session    optional    pam_gnome_keyring.so auto_start       | session    optional    pam_gnome_keyring.so 
auto_start
session    include     system-auth                              session    include     system-auth
session    include     postlogin                                session    include     postlogin

The leading '-' on some KDM lines just turns off logging if the module
isn't available, but that's not the case here. The only substantive
difference is that GDM has an extra line, but it's hard to see how it
could matter. I guess I could paste it into the KDM file and see.

poc