Unexpected error on login when safeStorage is not available

[shobeira]

• [ ] This is not a feature request (existing functionality does not work, not missing functionality). I will request features on forum or via support.
• [ ] I've searched and did not find a similar issue.

Describe the bug Unable to login on Linux AppImage.

To Reproduce Steps to reproduce the behavior: Run the AppImage.

Expected behavior Working normally and show me the emails in the accounts.

Screenshots NA

Desktop (please complete the following information):

• OS: Linux Ubuntu 22.04 LTS
• Desktop Environment: Gnome (Default Ubuntu 22.04 LTS)
• Version: 22.04 LTS

Here is the bug report: Feedback v229.240517.0 - DeviceStorageUnavailableError - UNKNOWN - linux

Client: linux Type: UNKNOWN Tutanota version: 229.240517.0 Timestamp (UTC): Wed, 05 Jun 2024 00:49:24 GMT User agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) tutanota-desktop/229.240517.0 Chrome/122.0.6261.156 Electron/29.3.2 Safari/537.36

DeviceStorageUnavailableError
 Error message: failed to resolve/generate key> DeviceStorageUnavailableError: safeStorage API is not available
    at K_.assertAvailable (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:192974)
    at async K_.getPassword (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:192218)
    at async mR.fetchKey (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:209972)
    at async mR.fetchOrGenerateKey (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:209699)
    at async WO.decryptUsingKeychain (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:283553)
    at async ipc (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:293940)
Stacktrace: 
DeviceStorageUnavailableError: failed to resolve/generate key> DeviceStorageUnavailableError: safeStorage API is not available
    at K_.assertAvailable (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:192974)
    at async K_.getPassword (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:192218)
    at async mR.fetchKey (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:209972)
    at async mR.fetchOrGenerateKey (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:209699)
    at async WO.decryptUsingKeychain (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:283553)
    at async ipc (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:293940)
    at mR.fetchOrGenerateKey (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:209873)
    at async WO.decryptUsingKeychain (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:283553)
    at async ipc (/tmp/.mount_tutanoe62CO9/resources/app.asar/desktop/DesktopMain.js:11:293940)

Test notes

• [x] Test without keychain available
  • [x] stop your keyring provider (probably gnome-keychain-daemon)
  • [x] try to log in with new credentials
  • [x] cancel any prompts from the keychain
  • [x] see that you log in but you get a message that safeStorage is not available and your credentials are not stored
• [x] Test that with keychain login with new/old credentials works as expected

[kib42]

does this happen every time you open the app? Try to close the client from the tray icon and open it again.

[Solations]

does this happen every time you open the app? Try to close the client from the tray icon and open it again.

Yes, happens every time. I have the same Issue on Linux Manjaro. Actually I already reported it in issue #7076. As mentioned there, I believe the problem is, that you don't have the option to login without saving the login information anymore, but obviously I can't be sure.

[DebLH]

Have same desktop client error after update yesterday, restart/reboot of client doesn't help. Can login through web client every time. DeviceStorageUnavailableError Error message: failed to resolve/generate key> DeviceStorageUnavailableError: safeStorage API is not available

I've had a persistent error, "cannot access secret storage", on launch ever since install of the desktop client, but after latest update the client completely fails to login. Ubuntu mate 22.04.4 LTS

Log text from error report:

Feedback v230.240603.0 - DeviceStorageUnavailableError - FREE - linux Client: linux Type: FREE Tutanota version: 230.240603.0 Timestamp (UTC): Thu, 06 Jun 2024 23:59:34 GMT User agent: Mozilla/5.0 (X11; Linux x8664) AppleWebKit/537.36 (KHTML, like Gecko) tutanota-desktop/230.240603.0 Chrome/124.0.6367.207 Electron/30.0.6 Safari/537.36 DeviceStorageUnavailableError Error message: failed to resolve/generate key> DeviceStorageUnavailableError: safeStorage API is not available at K.assertAvailable (/tmp/.mounttutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:192970) at async K.getPassword (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:192214) at async mR.fetchKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:209968) at async mR.fetchOrGenerateKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:209695) at async _P.encryptUsingKeychain (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:25:16448) at async qO.getOrCreateCredentialEncryptionKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:285976) at async qO.setCredentialEncryptionMode (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:285020) at async ipc (/tmp/.mounttutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:294946) Stacktrace: DeviceStorageUnavailableError: failed to resolve/generate key> DeviceStorageUnavailableError: safeStorage API is not available at K.assertAvailable (/tmp/.mounttutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:192970) at async K.getPassword (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:192214) at async mR.fetchKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:209968) at async mR.fetchOrGenerateKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:209695) at async _P.encryptUsingKeychain (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:25:16448) at async qO.getOrCreateCredentialEncryptionKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:285976) at async qO.setCredentialEncryptionMode (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:285020) at async ipc (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:294946) at mR.fetchOrGenerateKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:209869) at async _P.encryptUsingKeychain (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:25:16448) at async qO.getOrCreateCredentialEncryptionKey (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:285976) at async qO.setCredentialEncryptionMode (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:285020) at async ipc (/tmp/.mount_tutanoFXRUc0/resources/app.asar/desktop/DesktopMain.js:11:294946)

[dolkilu]

For me: Connection to the server is lost aur/tutanota-desktop-bin 230.240603.0-1

Operating System: Arch Linux KDE Plasma Version: 6.0.5 KDE Frameworks Version: 6.2.0 Qt Version: 6.7.1 Kernel Version: 6.9.3-arch1-1 (64-bit) Graphics Platform: X11

  ~ ❯ tutanota-desktop  01:11:34 the monkey has been patched pid: 28455 (node:28455) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead. (Use tutanota-desktop --trace-deprecation ... to show where the warning was created) version: 230.240603.0 resolving key... tutanota-vault config up to date [2024-06-09T17:11:43.169Z] using safeStorage with backend gnome_libsecret [DesktopMain] getting dictionaries from: https://app.tuta.com/desktop/dictionaries/ [2024-06-09T17:11:43.172Z] Create tray:true [SSEFacade] last missed notification check: { lastMissedNotificationCheckTime: null } [ApplicationWindow] webAssetsPath: /opt/tutanota-desktop/resources/app.asar default mailto handler: false Webapp ready [SSEFacade] No SSE info [2024-06-09T17:11:43.253Z] [ElectronUpdater] WARN: APPIMAGE env is not defined, current application is not an AppImage [DesktopMain] spellcheck-dictionary-initialized en-US desktop file exists, checking version... [ProtocolProxy] error for GET https://app.tuta.com/rest/sys/saltservice: [ProtocolProxy] TypeError: fetch failed at Jp (/opt/tutanota-desktop/resources/app.asar/desktop/DesktopMain.js:10:1472) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async /opt/tutanota-desktop/resources/app.asar/desktop/DesktopMain.js:10:30651 at async AsyncFunction. (node:electron/js2c/browser_init:2:51595) {

  at internalConnectMultiple (node:net:1114:18)
  at afterConnectMultiple (node:net:1667:5) {
code: 'ETIMEDOUT',
[errors]: [ [Error], [Error] ]

} } [ProtocolProxy] {"name":"TypeError","message":"fetch failed","stack":"TypeError: fetch failed\n at Jp (/opt/tutanota-desktop/resources/app.asar/desktop/DesktopMain.js:10:1472)\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n at async /opt/tutanota-desktop/resources/app.asar/desktop/DesktopMain.js:10:30651\n at async AsyncFunction. (node:electron/js2c/browser_init:2:51595)"} [ProtocolProxy] failed after 275ms

[Opening-Button-8988]

Looks like Tuta are having some serious problems right now. This has been an issue for a long time. Apparently they're working on a fix but it's taking a while.

[charlag]

@Opening-Button-8988 there are no server issues at the moment

[charlag]

We did some test with a fresh Ubuntu 22.04 install and it does work out of the box. Everyone who reports it seems to be on some derivative of Ubuntu 22.04.

We could reproduce the issue when we stopped gnome-keyring-daemon manually and cancelled unlocking the keychain later. We would like to know how others get to this state. Could you please check if gnome-keyring-daemon is running for you?

[dolkilu]

We did some test with a fresh Ubuntu 22.04 install and it does work out of the box. Everyone who reports it seems to be on some derivative of Ubuntu 22.04.

We could reproduce the issue when we stopped gnome-keyring-daemon manually and cancelled unlocking the keychain later. We would like to know how others get to this state. Could you please check if gnome-keyring-daemon is running for you?

I am not sure if my issue is still related, but I will continue to ask here.

I was using KDE wallet, wasn't able to make gnome-keyring-daemon work, I got the "Could not access secret storage" . I read the FAQ and switched to keepassXC instead, which I was already using.

1. setup keepassXC secret service
2. delete ~/.config/tutanota-desktop
3. reboot
4. on appimage launch, setup the keepassXC database

Now the "Could not access secret storage" is gone, but still cannot connect. Failed to call method: org.freedesktop.DBus.Properties, from what I read is the gnome-keyring, which I don't have. using safeStorage with backend gnome_libsecret Then TypeError: fetch failed on login

Operating System: Arch Linux 
KDE Plasma Version: 6.0.5
KDE Frameworks Version: 6.2.0
Qt Version: 6.7.1
Kernel Version: 6.9.3-arch1-1 (64-bit)
Graphics Platform: X11

~/Apps/tuta/tutanota-desktop-linux.AppImage                                                     21:42:05
the monkey has been patched pid: 10717
(node:10717) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `tutanota-desktop --trace-deprecation ...` to show where the warning was created)
[10717:0610/214227.607995:ERROR:object_proxy.cc(576)] Failed to call method: org.freedesktop.DBus.Properties.Get: object_path= /org/freedesktop/portal/desktop: org.freedesktop.DBus.Error.InvalidArgs: No such interface “org.freedesktop.portal.FileChooser”
[10717:0610/214227.608040:ERROR:select_file_dialog_linux_portal.cc(286)] Failed to read portal version property
version:   230.240603.0
resolving key... tutanota-vault
config up to date
[2024-06-10T13:42:37.003Z] using safeStorage with backend gnome_libsecret
[DesktopMain] getting dictionaries from: https://app.tuta.com/desktop/dictionaries/
[2024-06-10T13:42:37.073Z] Create tray:true
[SSEFacade] last missed notification check: { lastMissedNotificationCheckTime: null }
[ApplicationWindow] webAssetsPath:  /tmp/.mount_tutanonujJJZ/resources/app.asar
default mailto handler: false
Webapp ready
[SSEFacade] No SSE info
[2024-06-10T13:42:37.197Z] [ElectronUpdater] INFO: Checking for update
[2024-06-10T13:42:37.197Z] [ElectronUpdater] INFO: checking-for-update
[DesktopMain] spellcheck-dictionary-initialized en-US
desktop file exists, checking version...
[DesktopMain] getting dictionaries from: https://app.tuta.com/desktop/dictionaries/
[DesktopMain] spellcheck-dictionary-initialized en-US
[2024-06-10T13:42:38.536Z] [ElectronUpdater] INFO: Update for version 230.240603.0 is not available (latest version: 230.240603.0, downgrade is disallowed).
[2024-06-10T13:42:38.536Z] [ElectronUpdater] INFO: update not available: {
  version: '230.240603.0',
  files: [
    {
      url: 'tutanota-desktop-linux.AppImage',
      sha512: '58Bd0yWTxxDyGJ5PL9Fox4lXGjv24sGlaYfAyR/vWaRQsLUNDD1/LL+qqwjp91mpsaPvwu/NoM0J+I8dTmXozw==',
      size: 129643987,
      blockMapSize: 136679
    }
  ],
  path: 'tutanota-desktop-linux.AppImage',
  sha512: '58Bd0yWTxxDyGJ5PL9Fox4lXGjv24sGlaYfAyR/vWaRQsLUNDD1/LL+qqwjp91mpsaPvwu/NoM0J+I8dTmXozw==',
  releaseDate: '2024-06-03T16:00:01.195Z',
  signature: 'CbNHmCUXUW587aCEjr9t7qsRFwGwKBbdWMRb2YkPy03Plqg1VIaEcJbiUKqZI93Ava4sDBVZKM0QSGabkYb94WCy/+ladGcDbY3Fr/4WA8tAlYErNyQ45TOGFSFyx39vGf5/8T2whRyjbDMUAHj1EQZ09pgs1Gi9+J/tq1ElgHUF0WxdyNe/TvZDy7U6Auvj2ExnHLHlNExqnsWLXbXNhamnQEgZh75D8sWGi31EEeqFz0l74fXLSSVTzMtNqCbTyZHfb0NZXrIIR/S/wrMbggtiASZGvGkccQRCANgyj8s0pQBe79nUB5elFcaePSNqCGCS9l3+mT/5CSRMCqDBzA=='
}
[ProtocolProxy] error for GET https://app.tuta.com/rest/sys/saltservice:
[ProtocolProxy] TypeError: fetch failed
    at Jp (/tmp/.mount_tutanonujJJZ/resources/app.asar/desktop/DesktopMain.js:10:1472)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async /tmp/.mount_tutanonujJJZ/resources/app.asar/desktop/DesktopMain.js:10:30651
    at async AsyncFunction.<anonymous> (node:electron/js2c/browser_init:2:51595) {
  [cause]: AggregateError
      at internalConnectMultiple (node:net:1114:18)
      at afterConnectMultiple (node:net:1667:5) {
    code: 'ETIMEDOUT',
    [errors]: [ [Error], [Error] ]
  }
}
[ProtocolProxy] {"name":"TypeError","message":"fetch failed","stack":"TypeError: fetch failed\n    at Jp (/tmp/.mount_tutanonujJJZ/resources/app.asar/desktop/DesktopMain.js:10:1472)\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n    at async /tmp/.mount_tutanonujJJZ/resources/app.asar/desktop/DesktopMain.js:10:30651\n    at async AsyncFunction.<anonymous> (node:electron/js2c/browser_init:2:51595)"}

[charlag]

Backend is called gnome_libsecret but it doesn't necessarily use gnome-keyring-daemon. There's a library called libsecret that wraps D-Bus access to secret storage daemon, Electron re-implements this. That's what Electron cares about. On the other end of D-Bus connection is your actual keychain (which may be but doesn't have to be gnome-keyring-daemon).

From your stacktrace I can only spot ETIMEDOUT error which doesn't seem to be related to keychain but from network access (or being temporarily blocked by the server). I don't think you are having the same issue.