Activity log for bug #1387303

Date Who What changed Old value New value Message
2014-10-29 17:29:32 Pascal de Bruijn bug added bug
2014-10-29 17:32:05 Pascal de Bruijn description GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simple fails (when smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2014-10-29 17:32:51 Pascal de Bruijn bug added subscriber Dimitri John Ledkov
2014-10-29 17:34:59 Pascal de Bruijn description GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2014-10-29 23:23:05 Dimitri John Ledkov description GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 To disable user session gnome-keyring upstart job: $ echo manual ~/.config/upstart/gnome-keyring.override ====== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2014-10-29 23:29:05 Dimitri John Ledkov gnome-keyring (Ubuntu): status New Won't Fix
2014-10-29 23:29:08 Dimitri John Ledkov gnome-keyring (Ubuntu): assignee Dimitri John Ledkov (xnox)
2014-10-29 23:29:11 Dimitri John Ledkov gnome-keyring (Ubuntu): importance Undecided Wishlist
2014-11-23 23:48:17 Dimitri John Ledkov gnome-keyring (Ubuntu): status Won't Fix Incomplete
2014-11-23 23:48:24 Dimitri John Ledkov gnome-keyring (Ubuntu): status Incomplete In Progress
2014-11-23 23:48:55 Dimitri John Ledkov description To disable user session gnome-keyring upstart job: $ echo manual ~/.config/upstart/gnome-keyring.override ====== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 To disable user session gnome-keyring upstart job: $ echo manual ~/.config/upstart/gnome-keyring.override ... and also disable the XDG auto-start jobs (Startup Applications) ====== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2014-11-23 23:57:29 Dimitri John Ledkov attachment added gnome-keyring.patch https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1387303/+attachment/4266383/+files/gnome-keyring.patch
2014-11-24 00:22:36 Ubuntu Foundations Team Bug Bot tags amd64 apport-bug third-party-packages trusty amd64 apport-bug patch third-party-packages trusty
2014-11-25 23:50:08 Dimitri John Ledkov nominated for series Ubuntu Vivid
2014-11-25 23:50:08 Dimitri John Ledkov bug task added gnome-keyring (Ubuntu Vivid)
2014-11-25 23:50:08 Dimitri John Ledkov nominated for series Ubuntu Utopic
2014-11-25 23:50:08 Dimitri John Ledkov bug task added gnome-keyring (Ubuntu Utopic)
2014-11-25 23:50:08 Dimitri John Ledkov nominated for series Ubuntu Trusty
2014-11-25 23:50:08 Dimitri John Ledkov bug task added gnome-keyring (Ubuntu Trusty)
2014-11-26 00:09:41 Launchpad Janitor branch linked lp:ubuntu/vivid-proposed/gnome-keyring
2014-11-26 02:19:31 Launchpad Janitor gnome-keyring (Ubuntu Vivid): status In Progress Fix Released
2015-01-21 09:22:20 Launchpad Janitor gnome-keyring (Ubuntu Trusty): status New Confirmed
2015-01-21 09:22:20 Launchpad Janitor gnome-keyring (Ubuntu Utopic): status New Confirmed
2015-01-23 18:44:56 Dimitri John Ledkov description To disable user session gnome-keyring upstart job: $ echo manual ~/.config/upstart/gnome-keyring.override ... and also disable the XDG auto-start jobs (Startup Applications) ====== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 To disable user session gnome-keyring upstart job: $ echo manual ~/.config/upstart/gnome-keyring.override ... and also disable the XDG auto-start jobs (Startup Applications) ===== SRU tests By default environment should have SSH & GPG agent variables pointing at gnome-keyring provided ones. Disabling gpg or ssh gnome keyring desktop files in "Startup Applications" upon next login stock gpg/ssh agent's will be used. (No gnome-keyring name in the SSH/GPG agent variable values) Similarly, disabling upstart jobs for ssh or gpg agent also enables stock ssh/gpg agents. (e.g. echo manual > ~/.config/upstart/gnome-keyring-ssh.override) ===== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2015-01-23 21:33:26 Dimitri John Ledkov gnome-keyring (Ubuntu Trusty): status Confirmed In Progress
2015-01-23 21:33:28 Dimitri John Ledkov gnome-keyring (Ubuntu Utopic): status Confirmed In Progress
2015-01-28 19:56:49 Brian Murray gnome-keyring (Ubuntu Utopic): status In Progress Fix Committed
2015-01-28 19:56:53 Brian Murray bug added subscriber Ubuntu Stable Release Updates Team
2015-01-28 19:56:55 Brian Murray bug added subscriber SRU Verification
2015-01-28 19:57:01 Brian Murray tags amd64 apport-bug patch third-party-packages trusty amd64 apport-bug patch third-party-packages trusty verification-needed
2015-01-28 19:57:52 Brian Murray gnome-keyring (Ubuntu Trusty): status In Progress Fix Committed
2015-01-28 20:41:01 Launchpad Janitor branch linked lp:ubuntu/trusty-proposed/gnome-keyring
2015-01-28 20:41:03 Launchpad Janitor branch linked lp:ubuntu/utopic-proposed/gnome-keyring
2015-01-29 04:36:45 Ross Younger tags amd64 apport-bug patch third-party-packages trusty verification-needed amd64 apport-bug patch third-party-packages trusty verification-done
2015-01-29 04:37:11 Ross Younger tags amd64 apport-bug patch third-party-packages trusty verification-done amd64 apport-bug patch third-party-packages trusty verification-needed
2015-01-29 11:06:42 Dimitri John Ledkov tags amd64 apport-bug patch third-party-packages trusty verification-needed amd64 apport-bug patch third-party-packages trusty verification-done-trusty verification-needed verification-needed-utopic
2015-01-29 11:08:23 Dimitri John Ledkov description To disable user session gnome-keyring upstart job: $ echo manual ~/.config/upstart/gnome-keyring.override ... and also disable the XDG auto-start jobs (Startup Applications) ===== SRU tests By default environment should have SSH & GPG agent variables pointing at gnome-keyring provided ones. Disabling gpg or ssh gnome keyring desktop files in "Startup Applications" upon next login stock gpg/ssh agent's will be used. (No gnome-keyring name in the SSH/GPG agent variable values) Similarly, disabling upstart jobs for ssh or gpg agent also enables stock ssh/gpg agents. (e.g. echo manual > ~/.config/upstart/gnome-keyring-ssh.override) ===== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 To disable gnome-keyring ssh agent, - disable gnome keyring ssh in startup applications To disable gnome-keyring gpg agent, - disable gnome keyring gpg in startup applications If disabled, ssh-agent & gpg-agent upstart jobs are used instead. ===== SRU tests By default environment should have SSH & GPG agent variables pointing at gnome-keyring provided ones. Disabling gpg or ssh gnome keyring desktop files in "Startup Applications" upon next login stock gpg/ssh agent's will be used. (No gnome-keyring name in the SSH/GPG agent variable values) Similarly, disabling upstart jobs for ssh or gpg agent also enables stock ssh/gpg agents. (e.g. echo manual > ~/.config/upstart/gnome-keyring-ssh.override) ===== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2015-01-29 11:08:38 Dimitri John Ledkov description To disable gnome-keyring ssh agent, - disable gnome keyring ssh in startup applications To disable gnome-keyring gpg agent, - disable gnome keyring gpg in startup applications If disabled, ssh-agent & gpg-agent upstart jobs are used instead. ===== SRU tests By default environment should have SSH & GPG agent variables pointing at gnome-keyring provided ones. Disabling gpg or ssh gnome keyring desktop files in "Startup Applications" upon next login stock gpg/ssh agent's will be used. (No gnome-keyring name in the SSH/GPG agent variable values) Similarly, disabling upstart jobs for ssh or gpg agent also enables stock ssh/gpg agents. (e.g. echo manual > ~/.config/upstart/gnome-keyring-ssh.override) ===== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840 To disable gnome-keyring ssh agent,  - disable gnome keyring ssh in startup applications To disable gnome-keyring gpg agent,  - disable gnome keyring gpg in startup applications If above are disabled, stock ssh-agent & gpg-agent upstart jobs are used instead. ===== SRU tests By default environment should have SSH & GPG agent variables pointing at gnome-keyring provided ones. Disabling gpg or ssh gnome keyring desktop files in "Startup Applications" upon next login stock gpg/ssh agent's will be used. (No gnome-keyring name in the SSH/GPG agent variable values) Similarly, disabling upstart jobs for ssh or gpg agent also enables stock ssh/gpg agents. (e.g. echo manual > ~/.config/upstart/gnome-keyring-ssh.override) ===== GNOME Keyring is by default a rather invasive service, which meddles with security sensitive processes invasively. This may or may not be wise depending on a users situation. One particular case is GNOME Keyring's gpg-agent implementation, which is incomplete and therefore doesn't support GPG's OpenPGP smartcard support. gpg simply fails (with smartcards) when GNOME Keyring is impersonating gpg-agent... So to be able to use OpenPGP smartcards on Ubuntu, one needs to disable GNOME Keyring from impersonating gpg-agent, which for quite some time now has been trivial to effectively do: echo 'X-GNOME-Autostart-enabled=false' >> /etc/xdg/autostart/gnome-keyring-gpg.desktop With GNOME Keyring's recent update (3.10.1-1ubuntu4.1) in Trusty, this seems to have been broken by the addition of: /usr/share/upstart/sessions/gnome-keyring.conf So it seems the /etc/xdg/autostart/gnome-keyring files are either being ignored, or the started process is supplanted by the process started by the upstart session config. What is unclear to me is what the upstart session configuration is supposed to achieve? And if it is meant to supplant the xdg/autostart files, those should probably have been removed to prevent them from causing any confusion as to how gnome-keyring is started/managed. Presuming the upstart session is meant to stay, I would suggest to remove the /etc/xdg/autostart/gnome-keyring-*.desktop files to prevent confusion as mentioned above. And in my opinion a mechanism should be provided so users can control which gnome-keyring components '--components=pkcs11,secrets,ssh,gpg' are activated using some configuration file in /etc, as files in /usr aren't meant to be user edited. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-keyring 3.10.1-1ubuntu4.1 ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8 Uname: Linux 3.13.0-39-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.5 Architecture: amd64 CurrentDesktop: Unity Date: Wed Oct 29 18:14:57 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-04-07 (205 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326) SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.xdg.autostart.gnome.keyring.gpg.desktop: 2014-04-09T19:49:03.884840
2015-01-30 13:20:56 Mathew Hodson tags amd64 apport-bug patch third-party-packages trusty verification-done-trusty verification-needed verification-needed-utopic amd64 apport-bug patch third-party-packages trusty verification-done-trusty verification-needed-utopic
2015-02-09 04:19:41 Launchpad Janitor gnome-keyring (Ubuntu Trusty): status Fix Committed Fix Released
2015-02-09 04:19:46 Adam Conrad removed subscriber Ubuntu Stable Release Updates Team
2015-02-22 05:53:05 Mathew Hodson tags amd64 apport-bug patch third-party-packages trusty verification-done-trusty verification-needed-utopic amd64 apport-bug patch regression-update third-party-packages trusty verification-done-trusty verification-needed-utopic
2015-03-07 02:25:04 Andy Brody tags amd64 apport-bug patch regression-update third-party-packages trusty verification-done-trusty verification-needed-utopic amd64 apport-bug patch regression-update third-party-packages trusty verification-done-trusty verification-done-utopic
2015-03-09 21:13:42 Andy Brody bug added subscriber Andy Brody
2015-03-11 22:56:12 Launchpad Janitor gnome-keyring (Ubuntu Utopic): status Fix Committed Fix Released
2015-03-31 01:09:44 Simon May bug added subscriber Simon May
2015-11-13 21:05:30 Mathew Hodson gnome-keyring (Ubuntu Trusty): importance Undecided Wishlist
2015-11-13 21:05:33 Mathew Hodson gnome-keyring (Ubuntu Utopic): importance Undecided Wishlist