`addPassword` returns `false` in minimal Linux installation

[craxal]

Prerequisites

Strictly speaking, this is not an Atom application, so not sure any of this info is relevant.

Description

• Package Version: 3.0.0
• Electron Version: 4.2.5
• OS: Ubuntu 18.04

An Electron application using keytar fails to save a password using the addPassword function while running on a minimal installation of Ubuntu 18.04.

Steps to Reproduce

1. Install Ubuntu 18.04 using the Minimal option.
2. Verify that gnome-keyring and libsecret-1-0 are installed.
3. Download and extract a .tar.gz file containing an Electron application that uses keytar (see below for example code).
4. Run the Electron application from the command line.

Expected behavior:

The example application should run as expected, outputting "Success!" at the end.

Actual behavior:

The example application outputs "Error: Unable to add password" is printed, and the application exits with an error.

Reproduces how often:

Every time the application is launched.

Additional Information

var keytar = require('keytar');

var addResult = keytar.addPassword("MyService", "MyAccount", "TEST_PASSWORD");
if (!addResult) {
    console.log("Error: Unable to add password")
    process.exit(1);
}

var getResult = keytar.getPassword("MyService", "MyAccount");
if (getResult !== "TEST_PASSWORD") {
    console.log("Error: Unexpected password from password manager service");
    process.exit(1);
}

keytar.deletePassword(testService, testAccount);

console.log("Success!");

I understand keytar@3.0.0 is pretty old, but it should still work against the libsecret API, according to the documentation, right?

[shiftkey]

I understand keytar@3.0.0 is pretty old, but it should still work against the libsecret API, according to the documentation, right?

No, the switch to using libsecret was added in 9d6821d and released in v4.0.0.

Please use a more recent build of keytar.

[craxal]

@shiftkey Ah... OK. Let me see if upgrading will fix my issue. Might take me a few days.

[oltreseba]

I confirm that i cannot use it in an electron installation on ubuntu 19.10 (minimal installation).

This actually happen both in electron and in normal node. No error are displayed.

libsecret:

ubuntu@ubuntu-VirtualBox:~/Desktop/node-keytar$ dpkg -l | grep libsecret
ii  libsecret-1-0:amd64                        0.18.8-2                               amd64        Secret store
ii  libsecret-common                           0.18.8-2                               all          Secret store (common files)

gnome-keyring:

ubuntu@ubuntu-VirtualBox:~/Desktop/node-keytar$ dpkg -l | grep gnome-keyring
ii  gnome-keyring                              3.34.0-1ubuntu1                        amd64        GNOME keyring services (daemon and tools)
ii  gnome-keyring-pkcs11:amd64                 3.34.0-1ubuntu1                        amd64        GNOME keyring module for the PKCS#11 module loading library
ii  libpam-gnome-keyring:amd64                 3.34.0-1ubuntu1                        amd64        PAM module to unlock the GNOME keyring upon login

keytar.setPassword seems to be wait forever and never return (or resolve the promise). can i attach more debug information?

[shiftkey]

@oltreseba can you confirm that the gnome-keyring-daemon is active? The "wait forever" behaviour makes sense if there's nothing responding to the request from keytar to set the password.

[oltreseba]

Hello @shiftkey,
I thinks it's running:

ubuntu@ubuntu-VirtualBox:~/Desktop/node-keytar$ pgrep -f gnome-keyring-daemon
1027

Also I'm using a more recent version (5.4.0). Is it still supposed to depend on gnome-keyring?

Thank you.

[smarki]

@oltreseba I have a feeling I am hitting exactly the same problem. Did you manage to solve it and how?

[oltreseba]

Not at all. We decided to skip this for linux versions. We were planning to use keytar to store a random generated encryption key that we use to encrypt user informations at rest. On linux we hardcoded a random encryption key (which is more or less as safe as not encrypting at all). Linux is not our main target.