-
Notifications
You must be signed in to change notification settings - Fork 194
Use libsecret instead of gnome-keyring. #53
Conversation
Looks like 0.10 build is broken, but doesn't seem to be related to this PR. |
* Plucked from upstream atom#53 * Debugging travis
Looks good. Is there any chance this will get merged anytime soon? |
Is there any progress on this? This PR keeps keytar from working on RHEL and centOS. Seems like the only thing failing is the node 0.10 tests due to a bad param passed in. |
This is almost certainly a breaking change, as anyone upgrading from a previous version of keytar has all their user's keys disappear. What's the migration path for user data here? |
@paulcbetts, I'm glad you asked - Currently with gnome-keyring, keytar uses the As seen here, that schema uses By setting our libsecret schema identifier to If you'd like - I can create a simple test script that uses both versions of keytar and checks if the keys are the same. |
If it helps the discussion any, I just pulled in the mongodb keytar fork and rebuilt my .deb and it was able to pick up the pw just fine from gnome-keyring. |
Thanks for the confirmation, @cruzerld. What distro was that on? I've only tested on Ubuntu so far. |
Also Ubuntu. 16.04 specifically. I did confirm that I needed your change before even running on centOS / RHEL. So I guess we won't have to worry about upgrading there. I haven't tried using this with KWallet, but if it is using the underlying dbus implementation then I'm not as worried about that. |
@TheSBros This is an excellent answer. If the tests pass, I'm 👍 on merging this, /cc @kevinsawicki |
@paulcbetts Great! The build passes, except for 0.10 - which seems to be related to the C++ build environment that Travis uses. |
I was actually just about to begin working on a PR for this, so a huge 👍 from me. Additionally, why are we still building against Node v0.10? That should be dropped immediately IMHO. |
I can go ahead and drop 0.10 if everyone agrees. (LTS was dropped for it on Oct 31st) |
Any movement on this? |
script/cibuild
Outdated
@@ -4,5 +4,4 @@ sudo service dbus start | |||
eval $(gnome-keyring-daemon) | |||
export GNOME_KEYRING_CONTROL GNOME_KEYRING_PID GPG_AGENT_INFO SSH_AUTH_SOCK | |||
|
|||
# FIXME Find out why we cound not connect to gnome-keyring-daemon. | |||
# grunt test | |||
grunt test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like this is still a no-go since all the tests timed out.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Judging from the output on Travis, we're not actually running any tests... the script is actually failing, but old versions of xvfb-run
seem to be returning hiding that fact, and always eturning with a success exit code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've disabled Alternatively #63 seems like a good PR; but contains a lot of other changes which may require more thought. Is this good enough to merge, or could I get some guidance on what we can do to get this moving? A lot of electron applications use this module, and right now cc/ @kevinsawicki @paulcbetts |
This PR switches
keytar
to uselibsecret
.This allows compatibility with any wallet/keyring implementing the Secret Service API (including KWallet and GNOME Keyring)
The difference between this PR and #47 is that (in limited field testing) this one keeps compatibility with previously stored GNOME Keyring passwords.
This would supersede #46, #47 and close #17, #7.