node-keytar
node-keytar copied to clipboard
atom
`addPassword` returns `false` in minimal Linux installation
Prerequisites
Strictly speaking, this is not an Atom application, so not sure any of this info is relevant.
Description
- Package Version: 3.0.0
- Electron Version: 4.2.5
- OS: Ubuntu 18.04
An Electron application using keytar fails to save a password using the addPassword function while running on a minimal installation of Ubuntu 18.04.
Steps to Reproduce
- Install Ubuntu 18.04 using the Minimal option.
- Verify that
gnome-keyringandlibsecret-1-0are installed. - Download and extract a .tar.gz file containing an Electron application that uses keytar (see below for example code).
- Run the Electron application from the command line.
Expected behavior:
The example application should run as expected, outputting "Success!" at the end.
Actual behavior:
The example application outputs "Error: Unable to add password" is printed, and the application exits with an error.
Reproduces how often:
Every time the application is launched.
Additional Information
var keytar = require('keytar');
var addResult = keytar.addPassword("MyService", "MyAccount", "TEST_PASSWORD");
if (!addResult) {
console.log("Error: Unable to add password")
process.exit(1);
}
var getResult = keytar.getPassword("MyService", "MyAccount");
if (getResult !== "TEST_PASSWORD") {
console.log("Error: Unexpected password from password manager service");
process.exit(1);
}
keytar.deletePassword(testService, testAccount);
console.log("Success!");
I understand [email protected] is pretty old, but it should still work against the libsecret API, according to the documentation, right?
I understand
[email protected]is pretty old, but it should still work against thelibsecretAPI, according to the documentation, right?
No, the switch to using libsecret was added in https://github.com/atom/node-keytar/commit/9d6821d8c57ae4744c07bdc10ea2910b86d15866 and released in v4.0.0.
Please use a more recent build of keytar.
@shiftkey Ah... OK. Let me see if upgrading will fix my issue. Might take me a few days.
I confirm that i cannot use it in an electron installation on ubuntu 19.10 (minimal installation).
This actually happen both in electron and in normal node. No error are displayed.
libsecret:
ubuntu@ubuntu-VirtualBox:~/Desktop/node-keytar$ dpkg -l | grep libsecret
ii libsecret-1-0:amd64 0.18.8-2 amd64 Secret store
ii libsecret-common 0.18.8-2 all Secret store (common files)
gnome-keyring:
ubuntu@ubuntu-VirtualBox:~/Desktop/node-keytar$ dpkg -l | grep gnome-keyring
ii gnome-keyring 3.34.0-1ubuntu1 amd64 GNOME keyring services (daemon and tools)
ii gnome-keyring-pkcs11:amd64 3.34.0-1ubuntu1 amd64 GNOME keyring module for the PKCS#11 module loading library
ii libpam-gnome-keyring:amd64 3.34.0-1ubuntu1 amd64 PAM module to unlock the GNOME keyring upon login
keytar.setPassword seems to be wait forever and never return (or resolve the promise). can i attach more debug information?
@oltreseba can you confirm that the gnome-keyring-daemon is active? The "wait forever" behaviour makes sense if there's nothing responding to the request from keytar to set the password.
Hello @shiftkey, I thinks it's running:
ubuntu@ubuntu-VirtualBox:~/Desktop/node-keytar$ pgrep -f gnome-keyring-daemon
1027
Also I'm using a more recent version (5.4.0). Is it still supposed to depend on gnome-keyring?
Thank you.
@oltreseba I have a feeling I am hitting exactly the same problem. Did you manage to solve it and how?
Not at all. We decided to skip this for linux versions. We were planning to use keytar to store a random generated encryption key that we use to encrypt user informations at rest. On linux we hardcoded a random encryption key (which is more or less as safe as not encrypting at all). Linux is not our main target.