Bradley Pursley wrote: > Now I'd like to see if another annoying thing can be removed - > getting rid of the prompt for the keyring password. Since my > machines are not used publicly, I have no desktop security issues to > worry about and would like to know how I can keep it from prompting > me for it in the first place. Any ideas how to automate or remove > this? It's possible to have a login keyring which is unlocked automatically when you login. This requires you to set the keyring's passphrase to the same passphrase as your login passphrase. It doesn't work out of the box and it doesn't work for everyone either. I've got it working on F8. I'll try to detail the steps I took to get it working. But for the most part, you may need to debug this yourself if it doesn't work (and if it breaks, you get to keep the pieces). 1) Ensure gnome-keyring-pam is installed 2) Setup /etc/pam.d/gdm [1] 3) Log out of gnome, ensure any desktop daemons have been killed 4) Restart gdm (telinit 3; telinit 5 works, as does gdm-restart) 5) Log in via the console and delete ~/.gnome/keyrings; Log out 6) Log in via gdm, when prompted for a keyring passphrase, use you login passphrase Perhaps that will help. AFAIK, that's what I did to get it working. Hopefully I'm not missing any important steps. [1] Here is the /etc/pam.d/gdm file from my system: #%PAM-1.0 auth [success=done ignore=ignore default=bad] pam_selinux_permit.so auth required pam_env.so auth optional pam_gnome_keyring.so auth include system-auth account required pam_nologin.so account include system-auth password include system-auth session required pam_selinux.so close session include system-auth session required pam_loginuid.so session optional pam_console.so session required pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_namespace.so session optional pam_gnome_keyring.so auto_start -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Between two evils, I always pick the one I never tried before. -- Mae West
Attachment:
pgpc1SaKXJTn1.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list