Bug#870335: gnome-session: Gnome session creates a new kernel session keyring, without a link to the user keyring

Itaï BEN YAACOV candeb at free.fr
Tue Aug 1 08:28:00 UTC 2017


Package: gnome-session
Version: 3.22.3-1
Severity: normal

Dear Maintainer,

When logging in to console, or via ssh, typing "keyctl show" gives something like

Session Keyring
 365837487 --alswrv   1000  1000  keyring: _ses
 924915722 --alswrv   1000 65534   \_ keyring: _uid.1000

When logging in to gnome, I get

Session Keyring
1002009370 --alswrv   1000  1000  keyring: _ses
 226607596 ----s-rv      0     0   \_ user: invocation_id

without a link to the user keyring.  This breaks ecryptfs-mount-private (which
is how I found this problem).

I did this with a phoney pristine user, same behaviour, so this isn't something in my
dotfiles.

Better still: doing "keyctl show > SOMEFILE" in my .profile shows that when
.profile is sourced, there is a session keyring with a link to the user keyring
(so pam_keyinit is run correctly), but once in the gnome session, I get a different
session ring (different keyring number) without the link.

I suspect that as some stage after the .profile is invoked, a new session ring is created.
Not entirely sure how to debug this any further.

Cheers,
Itaï.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (600, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-session depends on:
ii  gnome-session-bin      3.22.3-1
ii  gnome-session-common   3.22.3-1
ii  gnome-settings-daemon  3.22.2-5
ii  gnome-shell            3.22.3-3

gnome-session recommends no packages.

Versions of packages gnome-session suggests:
ii  desktop-base      9.0.5
ii  gnome-keyring     3.20.1-1
ii  gnome-user-guide  3.22.0-1

-- debconf-show failed


More information about the pkg-gnome-maintainers mailing list