Re: pam-keyring-tool as default?

From: Jon Nettleton <jon nettleton gmail com>
To: desktop-devel-list gnome org
Subject: Re: pam-keyring-tool as default?
Date: Sat, 25 Nov 2006 16:42:39 -0500

On Fri, 2006-11-24 at 12:31 +0100, Stanislav Brabec wrote: 
> Baptiste Mille-Mathias wrote:
> 
> > Hi David
> > 
> > This is a distribution problem not GNOME, because pam_keyring is not
> > part of GNOME Desktop, and the distributor does the integration of
> > pam_keyring, so the best thing is to address your concern to the
> > ubuntu developpers.
> 
> pam_keyring does not integrate properly to multi-desktop environment -
> users of KDE or minimalistic desktops probably don't want running
> gnome-keyring-daemon. It only wastes memory there - they will not use
> GNOME applications.
> 
> Current implementation is missing following feature:
> - Remember password.
> - If user selects other desktop than GNOME, quit.
> 
> Thinking more about it, I can imagine trivial login helper (without glib
> dependency), which only remembers password and waits for
> gnome-keyring-daemon instance to pass the password to it. If it does not
> appear in defined time, it will quit.
> 

Hey all,

I am currently maintaining pam_keyring, so I figured I would give an
update and answer some of the questions.

Pam_keyring is not part of Gnome desktop, therefore it is up to the
individual distributions to package and add it.  I have worked with guys
from Ubuntu, Gentoo, Arch, and Fedora on it, so we seem to be getting
pretty good coverage so far.

I have been busy, and sick so I am behind on releases.  I should have
0.0.9 out the door soon.  This release will support password change
support and a bunch of other patches.  I needed gnome-keyring 0.6 to be
released with the changes I added for changing a keyrings password
before releasing 0.0.9.

As far as the other comments about pam_keyring here is what it does and
doesn't do.

It launches a gnome-keyring-daemon with proper UID, sets up the correct
environment variables and trys to unlock a keyring with the password
provided to pam.  I would only have pam_keyring installed if I intended
to use this functionality.  I do know before KNetworkManager, many KDE
people used it to launch gnome-keyring-daemon for use with nm-applet.

Pam_keyring was never intended to be used for environments that didn't
use gnome-keyring.  It is pretty much designed for an environment where
people are running the gnome-desktop, or running gnome-applications that
utilize gnome-keyring-daemon for password storage.

I would be glad to hear any other comments and or suggestions.

Jon

References:
- pam-keyring-tool as default?
  - From: David Prieto
- Re: pam-keyring-tool as default?
  - From: Baptiste Mille-Mathias
- Re: pam-keyring-tool as default?
  - From: Stanislav Brabec

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]