Ubuntu
python-keyring package

“sudo pip3” unusable because “import keyring” hangs for a long time

Bug #1875410 reported by Roman Odaisky on 2020-04-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	python-keyring (Ubuntu)	New	Undecided	Unassigned

Bug Description

0. Upgrade to focal (the problem was not present in eoan).
1. Try pip3 install somepackage. It works.
2. Try sudo -u nobody pip3 install somepackage. It works (assuming appropriate file permissions).
3. Try sudo pip3 install somepackage. It hangs for about 30 seconds.
4. Try sudo env -u HOME -u XAUTHORITY pip3 install somepackage. It works.

The reason is that the “import keyring” statement attempts to contact org.freedesktop.secrets via DBus. However, when root does it using a user’s X connection, a “DBusException: org.freedesktop.DBus.Error.NameHasNoOwner: Could not get owner of name 'org.freedesktop.secrets': no such name” is the result. When DBus seems to be present like this but does not in fact work, and it is the case when either HOME or XAUTHORITY environment variables are preserved by sudo (and it preserves the latter in the default configuration), it waits for the entire duration of the timeout.

There seem to be two issues here:
a) The DBus environment is somehow such that it appears functional but isn’t.
b) The keyring module initialization performs work which is isn’t even needed by the calling code (pip calls get_credential(url="https://pypi.org/simple", username=None) which, because username is None, never contacts any backends).

Perhaps the following fixes are in order:
a) The DBus machinery should recognize cases where it isn’t going to receive an answer so it can raise an error without timing out.
b) The keyring module should be as lazy as possible and it should avoid initializing its backends until a request comes that needs to be forwarded to at least one of those.

The problem (a) might be specific to certain secret storage backends, I’m using whatever KDE has as the default.

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: python3-keyring 18.0.1-2ubuntu1
ProcVersionSignature: Ubuntu 5.4.0-26.30-generic 5.4.30
Uname: Linux 5.4.0-26-generic x86_64
ApportVersion: 2.20.11-0ubuntu27
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: KDE
Date: Mon Apr 27 16:45:03 2020
PackageArchitecture: all
SourcePackage: python-keyring
UpgradeStatus: Upgraded to focal on 2020-04-26 (0 days ago)

Tags:

Revision history for this message

Roman Odaisky (to-roma-from-lp) wrote on 2020-04-27:

Dependencies.txt Edit (2.5 KiB, text/plain; charset="utf-8")
ProcCpuinfoMinimal.txt Edit (1.3 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (327 bytes, text/plain; charset="utf-8")

Revision history for this message

Dmitry Shachnev (mitya57) wrote on 2020-04-27:

Note that running pip as root is discouraged, as it may break your system packages.

In any case, if you do not need keyring support in pip, try setting this environment variable:

PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntupython-keyring package