blob: e478ac33f3273ac8c502cfea7ef49f740608b0af (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
#+TITLE: GNOME Keyring Authentication Fix - Next Steps
#+DATE: 2025-11-08
#+AUTHOR: Craig Jennings & Claude
* URGENT: Complete Keyring Fix on Next Login
** What Was Done
- ✅ Identified the problem: Apps (nm-applet, signal-desktop, protonmail-bridge, insync) need keyring access
- ✅ Updated =/etc/pam.d/system-login= to unlock keyring on console login
- ✅ Created backup: =/etc/pam.d/system-login.backup=
** What Needs to Be Done
The PAM fix only works if your keyring password matches your login password.
*** Option 1: Delete Old Keyring (RECOMMENDED - Fresh Start)
#+begin_src bash
# Backup the old keyring
mv ~/.local/share/keyrings/login.keyring ~/.local/share/keyrings/login.keyring.backup
# On next login, a new keyring will be created automatically with your login password
# The PAM integration will unlock it automatically
#+end_src
*Caveat:* You'll need to re-enter saved passwords:
- WiFi passwords (nm-applet)
- Signal encryption password
- ProtonMail Bridge credentials
- Insync cloud sync credentials
*** Option 2: Change Keyring Password to Match Login Password
#+begin_src bash
# Install seahorse if needed
sudo pacman -S seahorse
# Launch seahorse GUI
seahorse
# Then: Right-click "Login" keyring → "Change Password"
# Set it to your current login password
#+end_src
** Testing the Fix
After choosing one option above:
1. Logout completely (=logout= or Ctrl+D)
2. Login at console (PAM will now unlock the keyring using your password)
3. Type =startx=
4. The "Authentication Required" dialog should NOT appear
** Rollback Instructions (If Needed)
If something goes wrong:
#+begin_src bash
# Restore original PAM configuration
sudo cp /etc/pam.d/system-login.backup /etc/pam.d/system-login
#+end_src
** Files Modified
- =/etc/pam.d/system-login= - Added pam_gnome_keyring.so integration
- =/etc/pam.d/system-login.backup= - Original backup
** PAM Changes Made
Added two lines to =/etc/pam.d/system-login=:
#+begin_example
auth optional pam_gnome_keyring.so # Line 5 - unlock keyring with login password
session optional pam_gnome_keyring.so auto_start # Line 14 - start daemon if needed
#+end_example
|
