Use libsecret instead of gnome-keyring. #53
Conversation
|
Looks like 0.10 build is broken, but doesn't seem to be related to this PR. |
* Plucked from upstream atom#53 * Debugging travis
|
Looks good. Is there any chance this will get merged anytime soon? |
|
Is there any progress on this? This PR keeps keytar from working on RHEL and centOS. Seems like the only thing failing is the node 0.10 tests due to a bad param passed in. |
|
This is almost certainly a breaking change, as anyone upgrading from a previous version of keytar has all their user's keys disappear. What's the migration path for user data here? |
|
@paulcbetts, I'm glad you asked - Currently with gnome-keyring, keytar uses the As seen here, that schema uses By setting our libsecret schema identifier to If you'd like - I can create a simple test script that uses both versions of keytar and checks if the keys are the same. |
|
If it helps the discussion any, I just pulled in the mongodb keytar fork and rebuilt my .deb and it was able to pick up the pw just fine from gnome-keyring. |
|
Thanks for the confirmation, @cruzerld. What distro was that on? I've only tested on Ubuntu so far. |
|
Also Ubuntu. 16.04 specifically. I did confirm that I needed your change before even running on centOS / RHEL. So I guess we won't have to worry about upgrading there. I haven't tried using this with KWallet, but if it is using the underlying dbus implementation then I'm not as worried about that. |
|
@TheSBros This is an excellent answer. If the tests pass, I'm 👍 on merging this, /cc @kevinsawicki |
|
@paulcbetts Great! The build passes, except for 0.10 - which seems to be related to the C++ build environment that Travis uses. |
|
I was actually just about to begin working on a PR for this, so a huge 👍 from me. Additionally, why are we still building against Node v0.10? That should be dropped immediately IMHO. |
|
I can go ahead and drop 0.10 if everyone agrees. (LTS was dropped for it on Oct 31st) |
|
Any movement on this? |
script/cibuild
Outdated
| @@ -4,5 +4,4 @@ sudo service dbus start | |||
| eval $(gnome-keyring-daemon) | |||
| export GNOME_KEYRING_CONTROL GNOME_KEYRING_PID GPG_AGENT_INFO SSH_AUTH_SOCK | |||
|
|
|||
| # FIXME Find out why we cound not connect to gnome-keyring-daemon. | |||
| # grunt test | |||
| grunt test | |||
There was a problem hiding this comment.
Looks like this is still a no-go since all the tests timed out.
There was a problem hiding this comment.
Judging from the output on Travis, we're not actually running any tests... the script is actually failing, but old versions of xvfb-run seem to be returning hiding that fact, and always eturning with a success exit code.
There was a problem hiding this comment.
|
I've disabled Alternatively #63 seems like a good PR; but contains a lot of other changes which may require more thought. Is this good enough to merge, or could I get some guidance on what we can do to get this moving? A lot of electron applications use this module, and right now cc/ @kevinsawicki @paulcbetts |
This PR switches
keytarto uselibsecret.This allows compatibility with any wallet/keyring implementing the Secret Service API (including KWallet and GNOME Keyring)
The difference between this PR and #47 is that (in limited field testing) this one keeps compatibility with previously stored GNOME Keyring passwords.
This would supersede #46, #47 and close #17, #7.