Bug 351411
| Summary: | nm-applet repeatedly requests to unlock default keyring for WPA Enterprise | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Casey Goodlett <gcasey> |
| Component: | gnome-keyring | Assignee: | Tomáš Bžatek <tbzatek> |
| Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 9 | CC: | alexl, bloch, clasohm, dcbw, djuran, mcepl, mcepl, mclasen, rodd, tsmetana, wtogami |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-07-14 16:33:39 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Casey Goodlett
2007-10-24 21:43:49 UTC
Description of problem: Trying to connect to a WPA enterprise with TTLS/PAP using NetworkManager. After entering the certificate, username, and password and clicking connect the keyring dialog pops up requesting for nm-applet to unlock the default keyring. After entering the correct password and clicking ok, the same unlock dialog reappears. Version-Release number of selected component (if applicable): NetworkManager-0.7.0-0.3.svn3016.fc8 gnome-keyring-2.20-6.fc8 How reproducible: Every time Steps to Reproduce: 1. Select WPA Enterprise network in NetworkManager 2. Enter information 3. Type password to unlock keyring Actual results: dialog to unlock keyring reappears Expected results: keyring is unlocked Could you try svn3020 when it hits rawhide? It's unlikely earlier versions would work correctly with certificates, which caused NM to ask for the configuration a lot (because it would fail to connect). The problem continues with svn3020. Just to clarify its the gnome-keyring dialog which reappears not the NM configuration dialog. I'm seeing this with svn3030, albeit with WPA PSK, not Enterprise. In fact, if I click on Deny, authentication seems to proceed anyway, Alright, I don't think this is NM, I think this is gnome-keyring. I'm assuming you've set up a new WPA connection and after entering the passphrase, you've been prompted for the gnome-keyring password to store the passphrase. Since you can't enter the password for the keyring, you'll be prompted for the WPA passphrase again next time you connect. I'm having the same problem in evolution. I've set up a IMAP account for my gmail account and I have to retype the password each time I restart evolution, because I can't store the imap password in the keyring since gnome-keyring won't accept my keyring password. I can unlock items in the keyring using the keyring password (like my NM WPA information) but not store anything. So to confirm, I'm seeing the same issue, but when trying to store a password in the keyring for evolution. I agree that this is probably a gnome-keyring issue now. I just noticed that an additional keyring login.keyring was created. Deleting the login.keyring removed the problem for me. I think it was being used as the default keyring instead of default.keyring. Over to alex then; jrb also reports that clearing the keyring fixes it too. Is this fixed to your satisfaction alex? Just to note, that removing login.keyring helped me. This is the second time I've had login.keyring 'created' for me and then had to remove it to resolve these sorts of issues. Should this be files as a separate bug? I just noticed that I can consistently reproduce creation of login.keyring by locking and unlocking the screen with gnome-screensaver. The following line is created in /var/log/secure when I do this. Jan 29 13:30:08 localhost gnome-screensaver-dialog: gkr-pam: created 'login' keyring In a further test locking the screen and then entering an incorrect password is what results in the creation of login.keyring . If I lock and unlock with the correct password the problem does not occur, but if I enter the wrong password and then the correct password login.keyring is created. I'm having the same problem with extra keyring files being created. My default keyring is "login" and I get a new keyring file called login1.keyring created. I've had this problem in both F8 and current rawhide. Is this issue related to bug 250147? And why is it in NEEDINFO from alexl when Alex is not even subscribed to it? This has re-occurred for me too recently. Changing version to '9' as part of upcoming Fedora 9 GA. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Reporter, could you please reply to the previous question? If you won't reply in one month, I will have to close this bug as INSUFFICIENT_DATA. Thank you. I'm not the original reporter but I'm still seeing this on F9, particularly after resuming from suspend to RAM. In a related way, NM still seems to want to create a new keyring when I connect to new APs. This creates a second keyring, and resulting confusion over which keyring is being used. Why can't NM just use the existing keyring? It uses the 'default' keyring by passing NULL as the keyring argument for calls like gnome_keyring_item_create(). The argument explanation for that argument is: "The name of the keyring in which to create the item, or NULL for the default keyring." Right now, the applet doesn't do anything special to select a keyring, it simply always uses whatever the gnome-keyring's idea of the 'default' keyring is. I think there are some issues between the normal keyring and the 'login' keyring, it's apparently a tossup which one gets used and sometimes you get keys in one keyring but not the other keyring. I haven't looked into this yet. But the applet _code_ hasn't changed in this respect since the beginning of time, so the behavioral changes that ask you for a different keyring than your defualt keyring (ie, the login keyring) are outside of the applet and probably caused by the 'login' keyring stuff that hit F8 and F9. This message is a reminder that Fedora 9 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 9. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '9'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 9's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 9 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Fedora 9 changed to end-of-life (EOL) status on 2009-07-10. Fedora 9 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed. |