diff options
| -rwxr-xr-x | archsetup | 17 | ||||
| -rw-r--r-- | dotfiles/common/.local/share/keyrings/default | 1 | ||||
| -rw-r--r-- | dotfiles/common/.local/share/keyrings/login.keyring | 6 | ||||
| -rw-r--r-- | dotfiles/hyprland/.config/hypr/hyprland.conf | 3 | ||||
| -rwxr-xr-x | dotfiles/hyprland/.local/bin/init-keyring | 46 |
5 files changed, 10 insertions, 63 deletions
@@ -1517,7 +1517,6 @@ desktop_environment() { pacman_install gnupg pacman_install polkit pacman_install gnome-keyring - pacman_install python-secretstorage # for init-keyring script (empty password keyring) pacman_install seahorse pacman_install pass @@ -1528,25 +1527,13 @@ desktop_environment() { find /home/"$username"/.gnupg -type f -exec chmod 600 {} \; find /home/"$username"/.gnupg -type d -exec chmod 700 {} \; - # pre-create gnome-keyring structure so it uses 'login' keyring - # (auto-unlocks at login) instead of creating 'Default_keyring' (prompts for password) + # pre-create gnome-keyring directory; empty-password login.keyring comes from dotfiles + # this allows auto-unlock without password prompt (works with autologin) keyring_dir="/home/$username/.local/share/keyrings" mkdir -p "$keyring_dir" - echo "login" > "$keyring_dir/default" chown -R "$username": "/home/$username/.local/share/keyrings" chmod 700 "$keyring_dir" - # configure PAM to auto-unlock gnome-keyring on console login - # this passes the login password to gnome-keyring-daemon at session start - action="configuring PAM for gnome-keyring auto-unlock" && display "task" "$action" - pam_login="/etc/pam.d/login" - if ! grep -q "pam_gnome_keyring.so" "$pam_login"; then - # add auth line after the last auth line - sed -i '/^auth.*system-local-login/a auth optional pam_gnome_keyring.so' "$pam_login" - # add session line after the last session line - sed -i '/^session.*system-local-login/a session optional pam_gnome_keyring.so auto_start' "$pam_login" - fi - # Power Management action="Power Management" && display "subtitle" "$action" diff --git a/dotfiles/common/.local/share/keyrings/default b/dotfiles/common/.local/share/keyrings/default new file mode 100644 index 0000000..a46884d --- /dev/null +++ b/dotfiles/common/.local/share/keyrings/default @@ -0,0 +1 @@ +login diff --git a/dotfiles/common/.local/share/keyrings/login.keyring b/dotfiles/common/.local/share/keyrings/login.keyring new file mode 100644 index 0000000..fdb8f31 --- /dev/null +++ b/dotfiles/common/.local/share/keyrings/login.keyring @@ -0,0 +1,6 @@ +[keyring] +display-name=Login +ctime=0 +mtime=0 +lock-on-idle=false +lock-after=false diff --git a/dotfiles/hyprland/.config/hypr/hyprland.conf b/dotfiles/hyprland/.config/hypr/hyprland.conf index 1c3408e..1d1a368 100644 --- a/dotfiles/hyprland/.config/hypr/hyprland.conf +++ b/dotfiles/hyprland/.config/hypr/hyprland.conf @@ -16,9 +16,8 @@ exec-once = systemctl --user start xdg-desktop-portal-hyprland xdg-desktop-porta # Core services exec-once = /usr/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh -exec-once = init-keyring exec-once = dunst > ~/.local/var/log/dunst-$(date +%Y-%m-%d-%H%M%S).log 2>&1 -exec-once = hyprpm reload && sleep 2 && hyprctl dismissnotify -1 +exec-once = hyprpm list &>/dev/null && hyprpm reload; sleep 2 && hyprctl dismissnotify -1 # Desktop appearance (after portal is ready) exec-once = swww-daemon && sleep 1 && swww img ~/pictures/wallpaper/trondheim-norway.jpg diff --git a/dotfiles/hyprland/.local/bin/init-keyring b/dotfiles/hyprland/.local/bin/init-keyring deleted file mode 100755 index c8bb733..0000000 --- a/dotfiles/hyprland/.local/bin/init-keyring +++ /dev/null @@ -1,46 +0,0 @@ -#!/usr/bin/env python3 -"""Initialize gnome-keyring with empty password for autologin systems. - -This script creates the 'login' keyring collection with an empty password, -allowing gnome-keyring to auto-unlock without PAM password entry. - -Only runs once - exits immediately if login keyring already exists. -""" - -import os -import sys - -# Check if login keyring already exists -keyring_dir = os.path.expanduser("~/.local/share/keyrings") -login_keyring = os.path.join(keyring_dir, "login.keyring") - -if os.path.exists(login_keyring): - sys.exit(0) - -try: - import secretstorage -except ImportError: - print("python-secretstorage not installed", file=sys.stderr) - sys.exit(1) - -try: - connection = secretstorage.dbus_init() - - # Check if login collection exists via D-Bus - collections = list(secretstorage.get_all_collections(connection)) - for collection in collections: - if collection.get_label() == "login" or collection.get_label() == "Login": - # Already exists - sys.exit(0) - - # Create login collection with empty password - secretstorage.create_collection(connection, "Login", password=b"") - - # Set as default - os.makedirs(keyring_dir, exist_ok=True) - with open(os.path.join(keyring_dir, "default"), "w") as f: - f.write("login") - -except Exception as e: - print(f"Failed to initialize keyring: {e}", file=sys.stderr) - sys.exit(1) |