GNU bug report logs -
#30246
25.2.50; auth-source does not support creation or deletion with secrets provider
Previous Next
Reported by: Allen Li <vianchielfaura <at> gmail.com>
Date: Thu, 25 Jan 2018 00:57:01 UTC
Severity: normal
Tags: fixed
Found in version 25.2.50
Fixed in version 27.1
Done: Michael Albinus <michael.albinus <at> gmx.de>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 30246 in the body.
You can then email your comments to 30246 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Thu, 25 Jan 2018 00:57:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Allen Li <vianchielfaura <at> gmail.com>
:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org
.
(Thu, 25 Jan 2018 00:57:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
auth-source does not support saving secrets with the Secrets API
backend. This reduces the usefulness of auth-source significantly
since keychains that provide secure secret storage using the API are
standard on many GNU/Linux distributions (e.g., gnome-keyring on
Ubuntu).
(auth-source-search :type 'secrets :max 1
:host "localhost"
:user "user"
:create '(secret user host))
Debugger entered--Lisp error: (cl-assertion-failed ((not create) "The
Secrets API auth-source backend doesn't support creation yet"))
cl--assertion-failed((not create) "The Secrets API auth-source
backend doesn't support creation yet" nil nil)
auth-source-secrets-search(:backend
[eieio-class-tag--auth-source-backend secrets "Login" t t t nil
auth-source-secrets-create auth-source-secrets-search] :type secrets
:max 1 :require nil :create (secret user host) :delete nil :type
secrets :max 1 :host "localhost" :user "user" :create (secret user
host))
apply(auth-source-secrets-search :backend
[eieio-class-tag--auth-source-backend secrets "Login" t t t nil
auth-source-secrets-create auth-source-secrets-search] :type secrets
:max 1 :require nil :create (secret user host) :delete nil (:type
secrets :max 1 :host "localhost" :user "user" :create (secret user
host)))
auth-source-search-backends(([eieio-class-tag--auth-source-backend
secrets "Login" t t t nil auth-source-secrets-create
auth-source-secrets-search]) (:type secrets :max 1 :host "localhost"
:user "user" :create (secret user host)) 1 (secret user host) nil nil)
auth-source-search(:type secrets :max 1 :host "localhost" :user
"user" :create (secret user host))
eval((auth-source-search :type (quote secrets) :max 1 :host
"localhost" :user "user" :create (quote (secret user host))) nil)
elisp--eval-last-sexp(nil)
eval-last-sexp(nil)
funcall-interactively(eval-last-sexp nil)
#<subr call-interactively>(eval-last-sexp nil nil)
apply(#<subr call-interactively> eval-last-sexp (nil nil))
call-interactively <at> ido-cr+-record-current-command(#<subr
call-interactively> eval-last-sexp nil nil)
apply(call-interactively <at> ido-cr+-record-current-command #<subr
call-interactively> (eval-last-sexp nil nil))
call-interactively(eval-last-sexp nil nil)
command-execute(eval-last-sexp)
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Thu, 25 Jan 2018 10:12:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Allen Li <vianchielfaura <at> gmail.com> writes:
Hi Allen,
> auth-source does not support saving secrets with the Secrets API
> backend. This reduces the usefulness of auth-source significantly
> since keychains that provide secure secret storage using the API are
> standard on many GNU/Linux distributions (e.g., gnome-keyring on
> Ubuntu).
This was reported already some years ago on the emacs-help ML, see
<http://lists.gnu.org/archive/html/help-gnu-emacs/2013-06/msg00361.html>. IIRC,
it wasn't trivial to implement, that's why it has lingered around on my
TODO since then.
See also `auth-source-secrets-create' in auth-source.el, which misses
its implementation. And you've got the error message "The Secrets API
auth-source backend doesn't support creation yet".
Since I am working on secrets.el these days anyway due to your other
report bug#29575, chances are good that I'll fix this, finally.
Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Fri, 13 Apr 2018 13:42:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Michael Albinus <michael.albinus <at> gmx.de> writes:
> Hi Allen,
>
>> auth-source does not support saving secrets with the Secrets API
>> backend. This reduces the usefulness of auth-source significantly
>> since keychains that provide secure secret storage using the API are
>> standard on many GNU/Linux distributions (e.g., gnome-keyring on
>> Ubuntu).
>
> Since I am working on secrets.el these days anyway due to your other
> report bug#29575, chances are good that I'll fix this, finally.
I've implemented creation of secrets via the Secret Service API in
auth-source.el. Could you, pls, check?
I will add support for this into Tramp. It doesn't create yet items, for
any backend.
Deletion isn't implemented for any auth-source backend yet. So I haven't
done it for the Secret Service API either, and I don't plan it for next time.
Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Mon, 16 Apr 2018 01:52:01 GMT)
Full text and
rfc822 format available.
Message #14 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Thanks. Currently I'm using Emacs 26 due to bugs in 27, so due to
various reasons it may take a few weeks for me to get around to trying
it.
On Fri, Apr 13, 2018 at 6:41 AM, Michael Albinus <michael.albinus <at> gmx.de> wrote:
> Michael Albinus <michael.albinus <at> gmx.de> writes:
>
>> Hi Allen,
>>
>>> auth-source does not support saving secrets with the Secrets API
>>> backend. This reduces the usefulness of auth-source significantly
>>> since keychains that provide secure secret storage using the API are
>>> standard on many GNU/Linux distributions (e.g., gnome-keyring on
>>> Ubuntu).
>>
>> Since I am working on secrets.el these days anyway due to your other
>> report bug#29575, chances are good that I'll fix this, finally.
>
> I've implemented creation of secrets via the Secret Service API in
> auth-source.el. Could you, pls, check?
>
> I will add support for this into Tramp. It doesn't create yet items, for
> any backend.
>
> Deletion isn't implemented for any auth-source backend yet. So I haven't
> done it for the Secret Service API either, and I don't plan it for next time.
>
> Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Mon, 16 Apr 2018 06:45:02 GMT)
Full text and
rfc822 format available.
Message #17 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Allen Li <darkfeline <at> felesatra.moe> writes:
Hi Allen,
> Thanks. Currently I'm using Emacs 26 due to bugs in 27, so due to
> various reasons it may take a few weeks for me to get around to trying
> it.
No problem, take your time.
Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Mon, 23 Apr 2018 08:44:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Michael Albinus <michael.albinus <at> gmx.de> writes:
Hi Allen,
> I've implemented creation of secrets via the Secret Service API in
> auth-source.el. Could you, pls, check?
>
> I will add support for this into Tramp. It doesn't create yet items, for
> any backend.
That's done now.
Best regards, Michael.
Added tag(s) fixed.
Request was from
Michael Albinus <michael.albinus <at> gmx.de>
to
control <at> debbugs.gnu.org
.
(Thu, 21 Jun 2018 11:57:03 GMT)
Full text and
rfc822 format available.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Wed, 05 Sep 2018 08:58:02 GMT)
Full text and
rfc822 format available.
Message #25 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Allen Li <darkfeline <at> felesatra.moe> writes:
Hi Allen,
> Thanks. Currently I'm using Emacs 26 due to bugs in 27, so due to
> various reasons it may take a few weeks for me to get around to trying
> it.
Could you test it by any chance in Emacs 27? If not, I'll close the
bug. You could still report later if it doesn't work as expected.
Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Sat, 08 Sep 2018 23:52:02 GMT)
Full text and
rfc822 format available.
Message #28 received at 30246 <at> debbugs.gnu.org (full text, mbox):
On Wed, Sep 5, 2018 at 1:57 AM Michael Albinus <michael.albinus <at> gmx.de> wrote:
>
> Could you test it by any chance in Emacs 27? If not, I'll close the
> bug. You could still report later if it doesn't work as expected.
It looks like secret creation works now, however I can't seem to
retrieve the secret. I can file a separate bug for that if you want.
(auth-source-search :host "example.com" :user "bob" :secret "password"
:create t)
After calling the returned save function, I can confirm that the
secret is created:
$ secret-tool search --all --unlock host example.com user bob
[/org/freedesktop/secrets/collection/login/484]
label = bob <at> example.com
secret = password
created = 2018-09-08 23:35:47
modified = 2018-09-08 23:35:47
schema = org.freedesktop.Secret.Generic
attribute.host = example.com
attribute.user = bob
However I cannot seem to retrieve it using auth-source:
(auth-source-search :host "example.com" :user "bob")
nil
Also, deletion still isn't supported:
(auth-source-delete :host "example.com" :user "bob")
(cl-assertion-failed ((not delete) "The Secrets API auth-source
backend doesn't suppor..."))
>
> Best regards, Michael.
Information forwarded
to
bug-gnu-emacs <at> gnu.org
:
bug#30246
; Package
emacs
.
(Tue, 11 Sep 2018 10:27:01 GMT)
Full text and
rfc822 format available.
Message #31 received at 30246 <at> debbugs.gnu.org (full text, mbox):
Allen Li <darkfeline <at> felesatra.moe> writes:
Hi Allen,
>> Could you test it by any chance in Emacs 27? If not, I'll close the
>> bug. You could still report later if it doesn't work as expected.
>
> It looks like secret creation works now, however I can't seem to
> retrieve the secret. I can file a separate bug for that if you want.
Yes, please do. Because:
> (auth-source-search :host "example.com" :user "bob" :secret "password"
> :create t)
>
> After calling the returned save function, I can confirm that the
> secret is created:
>
> $ secret-tool search --all --unlock host example.com user bob
> [/org/freedesktop/secrets/collection/login/484]
> label = bob <at> example.com
> secret = password
> created = 2018-09-08 23:35:47
> modified = 2018-09-08 23:35:47
> schema = org.freedesktop.Secret.Generic
> attribute.host = example.com
> attribute.user = bob
>
> However I cannot seem to retrieve it using auth-source:
>
> (auth-source-search :host "example.com" :user "bob")
> nil
I could reproduce it locally. And I could reproduce it also with another
backend, "~/.authinfo". However, if I start a new Emacs session,
(auth-source-search :host "example.com" :user "bob")
returns a valid result. Don't know whether this is a bug or a feature; I
let it to you to decide how to handle. The original bug in this report
("auth-source does not support creation with secrets provider") seems to
be solved, so I'd like to close this.
> Also, deletion still isn't supported:
>
> (auth-source-delete :host "example.com" :user "bob")
> (cl-assertion-failed ((not delete) "The Secrets API auth-source
> backend doesn't suppor..."))
Yes. But deletion is not supported by any auth-source backend. So I
would prefer if we handle this in another bug report, if the
functionality is missing for you.
To be honest, I'm undecided whether deletion makes sense in auth-source.
Best regards, Michael.
Reply sent
to
Michael Albinus <michael.albinus <at> gmx.de>
:
You have taken responsibility.
(Thu, 13 Sep 2018 14:11:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
Allen Li <vianchielfaura <at> gmail.com>
:
bug acknowledged by developer.
(Thu, 13 Sep 2018 14:11:02 GMT)
Full text and
rfc822 format available.
Message #36 received at 30246-done <at> debbugs.gnu.org (full text, mbox):
Version: 27.1
Michael Albinus <michael.albinus <at> gmx.de> writes:
Hi Allen,
>>> Could you test it by any chance in Emacs 27? If not, I'll close the
>>> bug. You could still report later if it doesn't work as expected.
>>
>> It looks like secret creation works now, however I can't seem to
>> retrieve the secret. I can file a separate bug for that if you want.
>
> Yes, please do.
There's now bug#32725 for that problem. I'm closing this bug, therefore.
Best regards, Michael.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Fri, 12 Oct 2018 11:24:05 GMT)
Full text and
rfc822 format available.
This bug report was last modified 5 years and 192 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.