Closed The-Maize closed 1 year ago
firebitsbr
commented
1 year ago HowTo:
https://rtfm.co.ua/en/what-is-linux-keyring-gnome-keyring-secret-service-and-d-bus/
Install packages: GUI:
qdbusviewer – view objects and messages, is a part of the qt5-tools set d-feet – D-Bus debugger bustle – D-Bus message analyzer and profiler
And Run it:
$ d-feet
Open Epic-Asset-Manager, close and open again.
aknarts
commented
1 year ago Thank you @firebitsbr for providing the gudie, I should probably include it in some form of FAQ.
@The-Maize the issue is that KDE currently does not have an implementation of secret manager. AFAIK they are working on it. In the mean time the "insecure" means that they are unencrypted on the drive which is not any less secure than what Heroic launcher or even the official EGS store does, so there is no "real" concern in terms of exposing the secrets to the public. If your system is compromised to the point of these being at risk you probably have other problems.
OdinVex
commented
1 year ago I have the same problem, but I'm using KeePassXC as my Secret Service on Manjaro (KDE environment, KDE Wallet disabled, everything passes through to KeePassXC transparently).
aknarts
commented
1 year ago This is just a warning message. I need to see if keepass is able to serve as the secret service(if it listens through dbus correctly). Will install it in a VM to see if and how this can be made work.
OdinVex
commented
1 year ago This is just a warning message. I need to see if keepass is able to serve as the secret service(if it listens through dbus correctly). Will install it in a VM to see if and how this can be made work.
Does anyone know if the dbus communication is case-sensitive (such as org.freedesktop.secrets (KDE Wallet) instead of org.freedesktop.Secrets) or not? KDE Wallet is providing org.freedesktop.Secret.Service for org.freedesktop.secrets/.
Edit: KDE Wallet is the (default) Secret Manager for KDE, it does indeed provide service through DBus API.
This is just a warning message. I need to see if keepass is able to serve as the secret service(if it listens through dbus correctly). Will install it in a VM to see if and how this can be made work.
KeePassXC works fine on Linux Mint Cinnamon as a Secrets provider, never tested in that environment for EAM.
aknarts
commented
1 year ago I do not think it is case sensitive. I do not doubt that it works, just not sure how gtk/flatpak talks to it there.
OdinVex
commented
1 year ago I do not think it is case sensitive. I do not doubt that it works, just not sure how gtk/flatpak talks to it there.
I use the AUR instead of Flatpak, if that helps direct attention.
aknarts
commented
1 year ago I made a crucial decision to not display the warning anymore. I do have couple reasons for this:
OdinVex
commented
1 year ago I made a crucial decision to not display the warning anymore. I do have couple reasons for this:
* It works on the supported DE (Gnome) * If it does not work it saves the secret like any other similar tool(looking at Legendary) which is presumably "secure enough" * I have no control over how every single DE implements their secret manager and if they all use the same standard * If and When there is a DE agnostic way of handling this I will use that instead of the current implementation but as of now this is "fine"
Implementing Secret Service properly is the agnostic way, but fine, I'll just keep patching every release with a private AUR.
aknarts
commented
1 year ago How did you patch AUR?:) Just curious I can patch it in AUR as well if it works properly for most test cases
OdinVex
commented
1 year ago How did you patch AUR?:) Just curious I can patch it in AUR as well if it works properly for most test cases
If I can find the time, I'll note a patch file, so you can apply during AUR build to fix. Fire destroyed some IRL stuff, got a lot to do right now. :/
Edit: Couldn't remember what I did, but it was inside github_token_changed. But I did manage to get it working without redoing the codeblock, just not sure why it is working this way:
Grabbed the src, added some poor-man's debug prints (error!("github_token_changed");) inside ./src/ui/widgets/preferences/mods.rs file's github_token_changed function and just after each condition for the map_or_else and it's working for no reason at all. Before I added that, though, I was running debug, and it'd print out that it could indeed connect, but the collection was assumed IsLocked. (It's not, it just requires every new application to be approved, but that is supposed to prompt, I think I recall added that kind of request in code, FIRST, if it is locked.)
RUST_LOG=error ./epic_asset_manager (to show errors, don't bother with debug, or you may be spammed with reqwest 'starting new connection' crap). This I used to see it was finally getting through. Thing is, not in my Secrets manager. I have KeePassXC temporarily turned off, just to deal with 'oob' KDE Wallet. It isn't in there. Deleted entire EAM config, it is still remembering things. Gotta clear this up before considering further.
Edit: I disabled KDE Wallet and ran KeePassXC...works perfectly. I don't know why, though. All I did was add those poor-man's debug prints. *shrug* It creates every secret entry it needs.
Describe the bug After installing from flatpack, product works as advertised though shows error at the bottom of window. this is storing the "secret" information insecurely, kdewallet manager and wallet itself are both open and running when I launch this application.
To Reproduce Steps to reproduce the behavior:
Expected behavior Login and store information in a secure manner
Desktop