keyring cannot be unlocked if used fingerprint to login gnome session

Thank you for your bug report. Can you reproduce the issue every time you log with fingerprint? Could you try again and if you hit the problem attach your 'journalctl -b 0' log and specify the time where you hit the problem?

Attached is 'journalctl -b 0' log.

I boot up my laptop, seeing the GDM then selected my user and swipe my fingerprint to login.
After seeing the desktop, I launched "Passwords and Keys" to try to unlock it. But it failed.

I performed the swipe finger to unlock around "Apr 30 00:33:xx".

Thank you for the details. Did you try clicking an 'unlock' button in the session from the log?

The login has
gnome-shell[2812]: keyringPrompt: Failed to show modal dialog. Dismissing prompt request

Do you get any other prompt when login in, like to connect to your router or something?

I did click the unlock button in the "Passwords and Keys" as thats where I
expect can see stored passwords.

No other prompt was shown. The fingerprint unlock went smooth and I didn't
see any prompt.

On Thu, 30 Apr 2020, 3:01 pm Sebastien Bacher, <email address hidden> wrote:

> Thank you for the details. Did you try clicking an 'unlock' button in
> the session from the log?
>
> The login has
> gnome-shell[2812]: keyringPrompt: Failed to show modal dialog. Dismissing
> prompt request
>
> Do you get any other prompt when login in, like to connect to your
> router or something?
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1875845
>
> Title:
> keyring cannot be unlocked if used fingerprint to login gnome session
>
> Status in gnome-keyring package in Ubuntu:
> Incomplete
>
> Bug description:
>
>
> I upgraded to Ubuntu 20.04 and setup the fingerprint login.
> Today when I tried to launch remmina it didn't show up for a long time.
>
> I launch Gnome Password and Keys > Passwords > Login I see there's a
> button to click to unlock. Clicking the unlock button is still waiting
> forever.
>
> A moment later I logout current session and type in the user password
> to login. Then I could launch remmina and unlock the Gnome Password
> and Keys.
>
>
> System info
>
>
> ❯ lsb_release -rd
> Description: Ubuntu 20.04 LTS
> Release: 20.04
>
> ~
>
> ❯ apt-cache policy gnome-keyring
> gnome-keyring:
> Installed: 3.36.0-1ubuntu1
> Candidate: 3.36.0-1ubuntu1
> Version table:
> *** 3.36.0-1ubuntu1 500
> 500 http://ftp.cuhk.edu.hk/pub/Linux/ubuntu focal/main amd64
> Packages
> 100 /var/lib/dpkg/status
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1875845/+subscriptions
>

It's a bit unclear, do you mean you can't reproduce the issue anymore?

If you still see the issue could you do
$ journalctl -f

trigger the bug and copy the output that was added to the journal log

Attached is the output of `journalctl -f` for the above screencast action.

Like I said in the 1st post, I discovered the issue because of using remmina to launch remote desktop. This is the message I got in terminal:

❯ remmina
Remmina plugin glibsecret (type=Secret) has registered but not yet initialized/activated. Initialization order is 2000.

This is the correct screencast.

Thanks

@Marco, could you see if you get that issue as well since you have a working fingerprint config

We've been looking this a bit with security team, the outcome is:

 1. Gnome-keyring needs a password to unlock and it matches the login one by default,
    so it only unlocks in such case
 2. It's not too bad from a security POV to actually require a proper password to unlock
    all the secrets
 3. User may still want it, but this needs work.

Upstream bug is https://gitlab.gnome.org/GNOME/gnome-keyring/-/issues/1

@Marco, there is also a bug there which isn't a wishlist, the keyring in that case should prompt for a password like it does when using autologin

The first log has that error though
'NetworkManager[958]: <info> [1588178035.3236] agent-manager: agent[8102b0d78d474c3c,:1.238/org.gnome.Shell.NetworkAgent/1000]: >
gnome-shell[2812]: pushModal: invocation of begin_modal failed
gnome-shell[2812]: keyringPrompt: Failed to show modal dialog. Dismissing prompt request'

Which seems to indicate that prompting was requested by failed

I was about to submit this same bug... I can confirm that every time you login to your gnome session with a fingerprint you can't unlock your login keyring.

It seems that the prompt asking for the password fails to appear.
For example, opening seahorse and clicking "unlock" has no effect (the button becomes gray but no prompt is shown). When other software tries to access the keyring (which is still locked) no prompt is shown and the software (e.g. the browser) either gets stuck, hangs or crashes.

The only workaround I found so far is to lock the session and then unlock it with the password. After that, clicking on "unlock" in seahorse will work. I guess that the password you just used to unlock the session is cached for a while.

Same bug since yesterday's update ...

Same here on the fresh install

$ lsb_release -rd
Description: Ubuntu 20.04.1 LTS
Release: 20.04

In my case, I also enabled fingerprint for sudo with `pam-auth-update`

Same issue with Dell Xps fingerprint 15 9510

Description: Ubuntu 21.10
Release: 21.10

Same here

Description: Pop!_OS 20.04 LTS
Release: 20.04