






















Hi! I'm very new to Arch, so I apologize for my lack of understanding.
I'm trying to use secret-tool to store some of my credentials. However, when running the following commands:
secret-tool store --label='My password' key1 value1 key2 value2
Password: hunter2The only output I'm getting is
secret-tool: The name is not activatable. If I run the command as root (which I don't think I'm supposed to do), I get the following error:
secret-tool: Error spawning command line “dbus-launch --autolaunch=4479988cd3304bcf8c187562c7efc154 --binary-syntax --close-stderr”: Child process exited with code 1I haven't really found a web resource on this exact combination, but there's quite a bit of noise out there regarding the "name not activatable" error, which seems to be coming from the bus directly?
The same problem pops up in 1Password when trying to store my 2FA token:
WARN 2024-01-13T11:58:32.433 tokio-runtime-worker(ThreadId(11)) [1P:op-b5-client/src/internal/unauthorized_session.rs:1067] Error retrieving an account's 2FA token: SystemKeyringError(LinuxError(DBus(MethodError(OwnedErrorName(ErrorName(Str(Owned("org.freedesktop.DBus.Error.ServiceUnknown")))), Some([b]"The name is not activatable"[/b]), Msg { type: Error, sender: UniqueName(Str(Borrowed("org.freedesktop.DBus"))), reply-serial: 2, body: Signature("s") })))). Falling back to a prompt.Checking under /usr/share/dbus-1/services/, I can see that there's no org.freedesktop.Secrets.* files at all. I'm not entirely sure how to get them.
I have
installed for authentication and I haven't observed any issues with it.
I'm a bit stuck at this point, and not sure where to keep looking. If someone has an idea, I'd grateful for any help ![]()
Last edited by argonfox (2024-01-13 12:06:23)
I ran into the same problem now. I have installed Arch as the server (w/o DM, console only) and as the root user (no other user on this system).
I'm using gh (Github CLI) on this server and gh auth login needs to store credentials in the secure keyring, if the keyring isn't accessible then it stores them in plaintext.
It prints something like: 'Authentication credentials saved in plain text'. (during gh auth login)
So I started investigating this, created an issue at GH Cli, and found out that it needs the Gnome Keyring to work correctly.
On Arch is installed libsecret that should provide Secret Service API which should be exactly what is needed to make this work as is described at Arch wiki GNOME Keyring.
So I tried something like:
secret-tool store --label='test1' a1 v1To test this Secret Service API if it works and I get exactly the same message or error as you described above:
secret-tool: The name is not activatableI suppose that this Secret Service API doesn't work correctly, would be nice if anybody would know where the problem is. Currently, I'm lost.
Now I tried the same on the Ubuntu server and there it doesn't work as well, but the difference is that on Ubuntu server gh auth login can somehow access this secret keyring store and doesn't save passwords in plaintext.
Did you find out why it doesn't work?
Unfortunately, I haven't had the time to look further into this, and I've been away from that machine for a few weeks now. I'm glad I'm not the only one though. Hoping to get back to my Arch setup in a few weeks and likely to keep exploring then, as it's currently a major productivity blocker for me.
Ok, maybe one day we figure it out ?
Now I have found that on Ubuntu pam configuration contains:
# Create a new session keyring.
session optional pam_keyinit.so force revokeArch doesn't contain or doesn't use this pam_keyinit module, I think this can be a reason why on Ubuntu gh auth login can use keyring and on Arch can't.
From man 8 pam_keyinit:
pam_keyinit - Kernel session keyring initialiser module
The pam_keyinit PAM module ensures that the invoking process has a session keyring other than the user default session keyring.
What means it's the Kernel keyring that is attached to every process or thread. I don't know if libsecret can use this Kernel keyring if Gnome keyring isn't available but it looks like it can be it. I didn't find any other systemd units or anything else that can provide keyring, only this pam_keyinit module. But I only spent a few minutes on it, took me much longer to write this reply. ![]()
I tried to enable pam_keyinit on Arch and it didn't help, secret-tool store --label='test1' a1 v1 still prints the same error. I'm confused.
It could still have something to do with the dbus.
Last edited by silverqx (2024-04-29 21:55:45)
I ran into the same/a similar error (I couldn't create a new database connection in mysql-workbench).
installing something that provides org.freedesktop.secrets (for example gnome-keyring) fixed the error for me.
Last edited by patrlas (2024-06-23 16:36:39)
patrlas wrote:
installing something that provides org.freedesktop.secrets (for example gnome-keyring) fixed the error for me.
I got following error initial log in process of docker-sbx
ERROR: auth login failed: saving credentials: failed to open secretservice session: The name is not activatableInstalling gnome-keyring solved it. Thank you so much!
Last edited by asc91 (Today 11:58:53)
Glad to hear, but please note the dates of threads and try not to necro two year old posts https://wiki.archlinux.org/title/Genera … bumping%22
Closing this old thread.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。