search

r-lib / keyring

:closed_lock_with_key: Access the system credential store from R
https://keyring.r-lib.org/
Other
196 stars 28 forks source link

Secret Service API on RStudio Server #72

Closed bhogan-mitre closed 5 years ago

bhogan-mitre commented 5 years ago

Is it possible to use the default Linux Secret Service backend from RStudio Server? It seems at first glance that the X11 requirement may be prohibitive.

> kb <- backend_secret_service$new()
> kb$keyring_create(keyring = "foobar") 
Error in b_ss_keyring_create_direct(self, private, keyring, password) :  
  Secret service keyring error in 'create_keyring': 'Error spawning command line “dbus-launch --autolaunch=7cba7f31da5849f4b55980a54d846d50 --binary-syntax --close-stderr”: Child process exited with code 1' 
In addition: Warning message: In b_ss_keyring_create_direct(self, private, keyring, password) :
   Password ignored, will be read interactively 
> system("dbus-launch --autolaunch=7cba7f31da5849f4b55980a54d846d50 --binary-syntax --close-stderr") 
Autolaunch error: X11 initialization failed.
> kb$is_available() 
[1] FALSE
> system("which gnome-keyring-daemon") 
/usr/bin/gnome-keyring-daemon
bhogan-mitre commented 5 years ago

This issue is potentially related: https://github.com/r-lib/keyring/issues/47

gaborcsardi commented 5 years ago

Yes, I am afraid that you cannot do that. In theory you could have a SS client without X11, but I don't know any and I don't know a way to use the regular clients without X11.

bhogan-mitre commented 5 years ago

Thanks for the reply. What do you think about using secret-tool to access SS without X11? That is recommended in the Gnome Keyring documentation:

secret-tool — Access the GNOME keyring (and any other service implementing the DBus Secret Service API) from the command line. https://wiki.gnome.org/Projects/Libsecret || libsecret

and leveraged by the keyringr package:

keyringr::decrypt_gk_pw
function (key_value_pairs) 
{
    stopifnot(Sys.info()["sysname"] == "Linux")
    invisible(system(paste("secret-tool lookup ", key_value_pairs, 
        sep = ""), intern = TRUE))
}
gaborcsardi commented 5 years ago

Well, when the keyring is locked then the above will bring up an X11 dialog. Similarly for storing items:

csardi@ubuntu1604:~$ secret-tool store --label='label' attr val

(secret-tool:9235): GLib-GObject-CRITICAL **: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
secret-tool: Cannot autolaunch D-Bus without X11 $DISPLAY

csardi@ubuntu1604:~$ secret-tool lookup attr val

(secret-tool:9241): GLib-GObject-CRITICAL **: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
secret-tool: Cannot autolaunch D-Bus without X11 $DISPLAY