Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added in Online Accounts: But still prompt for password #591

Open
marbetschar opened this issue Jun 9, 2021 · 3 comments
Open

Added in Online Accounts: But still prompt for password #591

marbetschar opened this issue Jun 9, 2021 · 3 comments
Labels
Help Wanted
Milestone
2.0.0

Comments

@marbetschar
Copy link
Member

What Happened

When Mail is packaged using Flatpak, it is not capable of retrieving the before configured secrets from Online Accounts. This leads to a password prompt when Mail is freshly started after adding a new account in System Settings -or as @danrabbit puts it in his comment:

I'm still having trouble with the saved password in the flatpak, but this does seem to work for native mail. I wonder if there's a dbus interface we're missing that we need to add to the Mail sandbox

Expected Behavior

Once the account is added in Online Accounts, it should be fully usable from Mail - without forcing the user to retype his password again.

Steps to Reproduce

In the latest elementary OS Beta:

  1. Add a new Mail account through System Settings > Online Accounts
  2. Open Mail
  3. A password prompt appears

Potential solution

as @Marukesu points out, we are probably dealing with a secrets management issue in Flatpak-Land:

eds use libsecret to read/save passwords, because we are on a sandbox, libsecret try to get them from a file on the sandbox instead of the DBus Interface.

Regarding this article, we might want fall back to the legacy behaviour by allowing access to the Systems Secrets Service API via DBus (org.freedesktop.secrets). But I'm wondering, if there is a more elegant solution to this matter, since this solution puts a hole in the Flatpak sandbox.
@marbetschar marbetschar added this to To do in Mail 2.0 MVP via automation Jun 9, 2021
@marbetschar marbetschar added this to the 2.0.0 milestone Jun 9, 2021
@danirabbit danirabbit mentioned this issue Jun 9, 2021
Closed
@danirabbit
Copy link
Member

It doesn't appear that adding org.freedesktop.secrets to the sandbox exceptions resolves the issue

@Marukesu
Copy link
Contributor

Marukesu commented Jun 9, 2021

Because libsecret will use the keyfile backend instead of dbus, ever if we add the dbus hole.

I don't know if we can override that without downgrading the libsecret in the sandbox. so I think we need to query the credentials with online accounts and add a dbus method on it to get them.

@danirabbit
Copy link
Member

For now, I've switched Mail back to being a Deb package on the ISO. It would be great to be able to ship in Flatpak, but in the interest of time and prioritizing working on mail features it seems like we'll have to revisit this

@danirabbit danirabbit removed this from To do in Mail 2.0 MVP Jun 9, 2021
This was referenced Jul 21, 2021
Open
Closed
This was referenced Aug 22, 2021
Open
Open
@marbetschar marbetschar mentioned this issue Sep 21, 2021
Open
@marbetschar marbetschar mentioned this issue Oct 31, 2021
Merged
@leolost2605 leolost2605 mentioned this issue Jun 3, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Help Wanted
Projects
None yet
Milestone
2.0.0
Development

Successfully merging a pull request may close this issue.

Flatpak: punch a hole for libsecret elementary/mail
3 participants
@marbetschar @danirabbit @Marukesu