summaryrefslogtreecommitdiff
path: root/assets/outbox/2025-11-08-keyring-fix-next-steps.org
diff options
context:
space:
mode:
Diffstat (limited to 'assets/outbox/2025-11-08-keyring-fix-next-steps.org')
-rw-r--r--assets/outbox/2025-11-08-keyring-fix-next-steps.org75
1 files changed, 75 insertions, 0 deletions
diff --git a/assets/outbox/2025-11-08-keyring-fix-next-steps.org b/assets/outbox/2025-11-08-keyring-fix-next-steps.org
new file mode 100644
index 0000000..e478ac3
--- /dev/null
+++ b/assets/outbox/2025-11-08-keyring-fix-next-steps.org
@@ -0,0 +1,75 @@
+#+TITLE: GNOME Keyring Authentication Fix - Next Steps
+#+DATE: 2025-11-08
+#+AUTHOR: Craig Jennings & Claude
+
+* URGENT: Complete Keyring Fix on Next Login
+
+** What Was Done
+- ✅ Identified the problem: Apps (nm-applet, signal-desktop, protonmail-bridge, insync) need keyring access
+- ✅ Updated =/etc/pam.d/system-login= to unlock keyring on console login
+- ✅ Created backup: =/etc/pam.d/system-login.backup=
+
+** What Needs to Be Done
+
+The PAM fix only works if your keyring password matches your login password.
+
+*** Option 1: Delete Old Keyring (RECOMMENDED - Fresh Start)
+
+#+begin_src bash
+# Backup the old keyring
+mv ~/.local/share/keyrings/login.keyring ~/.local/share/keyrings/login.keyring.backup
+
+# On next login, a new keyring will be created automatically with your login password
+# The PAM integration will unlock it automatically
+#+end_src
+
+*Caveat:* You'll need to re-enter saved passwords:
+- WiFi passwords (nm-applet)
+- Signal encryption password
+- ProtonMail Bridge credentials
+- Insync cloud sync credentials
+
+*** Option 2: Change Keyring Password to Match Login Password
+
+#+begin_src bash
+# Install seahorse if needed
+sudo pacman -S seahorse
+
+# Launch seahorse GUI
+seahorse
+
+# Then: Right-click "Login" keyring → "Change Password"
+# Set it to your current login password
+#+end_src
+
+** Testing the Fix
+
+After choosing one option above:
+
+1. Logout completely (=logout= or Ctrl+D)
+2. Login at console (PAM will now unlock the keyring using your password)
+3. Type =startx=
+4. The "Authentication Required" dialog should NOT appear
+
+** Rollback Instructions (If Needed)
+
+If something goes wrong:
+
+#+begin_src bash
+# Restore original PAM configuration
+sudo cp /etc/pam.d/system-login.backup /etc/pam.d/system-login
+#+end_src
+
+** Files Modified
+
+- =/etc/pam.d/system-login= - Added pam_gnome_keyring.so integration
+- =/etc/pam.d/system-login.backup= - Original backup
+
+** PAM Changes Made
+
+Added two lines to =/etc/pam.d/system-login=:
+
+#+begin_example
+auth optional pam_gnome_keyring.so # Line 5 - unlock keyring with login password
+session optional pam_gnome_keyring.so auto_start # Line 14 - start daemon if needed
+#+end_example
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-27 21:57:16 +0000