#553312 subversion asks GNOME keyring passphrase even if authentication is present

Package:
subversion
Source:
subversion
Description:
Advanced version control system
Submitter:
Norbert Preining
Date:
2010-09-09 18:39:04 UTC
Severity:
important
#553312#5
Date:
2009-10-30 03:51:20 UTC
From:
To:
so now that I have gnome-keyring auto started it seems that it
*really* hoses svn.

	$ svn commit -m"some commit msg"
	Password for 'login' GNOME keyring:<ENTER>
	svn: Commit failed (details follow):
	svn: GNOME Keyring is locked and we are non-interactive
	$

What the f*** is going on???

That is a svn server which I access via the
	svn://user@server.ext/...
method.

Why on earth does gnome-keyring play around here????

#553312#10
Date:
2009-10-31 03:53:50 UTC
From:
To:
user, and it seems that using that does not unlock the login
keyring for gnome-keyring.

As soon as I disable fingerprint login (changing /etc/pam.d/gdm to its
previous state it works.

The point is that there is NO way gnome-keyring should interfere with
subversion, and I don't see why it is doing that.

Best wishes

Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining                                        Associate Professor
JAIST Japan Advanced Institute of Science and Technology   preining@jaist.ac.jp
Vienna University of Technology                               preining@logic.at
Debian Developer (Debian TeX Task Force)                    preining@debian.org
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
ABINGER (n.)
One who washes up everything except the frying pan, the cheese grater
and the saucepan which the chocolate sauce has been made in.
			--- Douglas Adams, The Meaning of Liff

#553312#15
Date:
2009-11-02 11:21:42 UTC
From:
To:
Le samedi 31 octobre 2009 à 04:53 +0100, Norbert Preining a écrit :

The keyring daemon serves as a SSH agent by default. See README.Debian
for how to disable it.

Cheers,

#553312#20
Date:
2009-11-02 14:14:04 UTC
From:
To:
reopen  553312
thanks

Dear Josselin,

please read my original posting, I quote the important line:
*anything* to say in plain svn protocol authentication. Nothing, Zero,
Niente.

Again, to be sure that I state it clearly enough:
	I do NOT use ssh+svn
!

Bug reopened.

Best wishes

Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining                                        Associate Professor
JAIST Japan Advanced Institute of Science and Technology   preining@jaist.ac.jp
Vienna University of Technology                               preining@logic.at
Debian Developer (Debian TeX Task Force)                    preining@debian.org
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
HOYLAKE (n.)
The pool of edible gravy which surrounds an inedible and disgusting
lump of meat - eaten to give the impression that the person is 'just
not very hungry, but mmm this is delicious'. Cf. Peaslake - a similar
experience had by vegetarians.
			--- Douglas Adams, The Meaning of Liff

#553312#27
Date:
2009-11-02 15:33:19 UTC
From:
To:
Le lundi 02 novembre 2009 à 15:14 +0100, Norbert Preining a écrit :

Whoops, sorry for misreading.

It must mean that SVN somehow queries gnome-keyring. I have no idea by
which mechanism, but using strace should point you at what it is doing.

Cheers,

#553312#32
Date:
2009-11-02 16:13:38 UTC
From:
To:
reassign 553312 subversion
retitle 553312 subversion asks GNOME keyring passphrase even if authentication is present
# it does not break unrelated software anymore, just itself
severity 553312 important
thanks
subversion. Subversion supports that feature now, but the password
I use is saved in the usual auth tokens, so it should have no need
to access the gnome keyring.

Reassigned.


For the subversion maintainers: I am using
	svn://user@server/repo
access method and the password for user@server is saved under
~/.subverions/auth, so no need to contact the gnome-keyring-daemon
should arise.

THe problem turned up when I logged in with some alternative method
(fingerprint) and thus the gnome-keyring was not unlocked and thus
doinig an svn commit looked like:
	$ svn commit -m"some commit msg"
	Password for 'login' GNOME keyring:<ENTER>
	svn: Commit failed (details follow):
	svn: GNOME Keyring is locked and we are non-interactive
	$
Which is *really* bad. The password is there, so why is it not used?

Thanks a lot and all the best

Best wishes

Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining                                        Associate Professor
JAIST Japan Advanced Institute of Science and Technology   preining@jaist.ac.jp
Vienna University of Technology                               preining@logic.at
Debian Developer (Debian TeX Task Force)                    preining@debian.org
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
GREAT WAKERING (participial vb.)
Panic which sets in when you badly need to go to the lavatory and
cannot make up your mind about what book or magazine to take with you.
			--- Douglas Adams, The Meaning of Liff

#553312#45
Date:
2009-11-02 17:06:41 UTC
From:
To:
[Norbert Preining]

I'm pinging upstream about this, it seems to be a legitimate bug.
Meanwhile, the workaround is simple enough.  See ~/.subversion/config
or /etc/subversion/config:

    [auth]
    password-stores = gnome-keyring,kwallet

is the default value; if you prefer you can disable those plugins:

    password-stores =

Thanks,

#553312#50
Date:
2009-11-02 17:30:29 UTC
From:
To:
Thanks.

Ah, that is good. Thanks. I was nervous tht this would disable ssh+svn
with gnome-keyring working as ssh-agent, but it does indeed still work
that way via ssh+svn, and I will check the pure svn protocol, too.

Thanks  a lot

Norbert
------------------------------------------------------------------------------- Dr. Norbert Preining Associate Professor JAIST Japan Advanced Institute of Science and Technology preining@jaist.ac.jp Vienna University of Technology preining@logic.at Debian Developer (Debian TeX Task Force) preining@debian.org gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094 ------------------------------------------------------------------------------- You step in the stream, But the water has moved on. This page is not here. --- Windows Error Haiku
#553312#55
Date:
2009-12-07 00:42:15 UTC
From:
To:
I have the opposite problem. I can't get subversion to consult
gnome-keyring on amd64, but it works for me on i386. I can't remember
what I did on i386 to make the switch, and the configuration files
don't reveal any hints. I've even manually added keys and values to
the auth/svn.simple file on the amd64 machine to help it use
gnome-keyring, and it removes these entries.

Any ideas?

#553312#60
Date:
2010-06-16 18:20:57 UTC
From:
To:
The situation is very similar with kwallet, the difference being that it
is autostarted by default (gnome-keyring is not).

If you have kwallet installed on the system, it will be started whenever
svn needs authentication - unless gnome-keyring is already running :)

#553312#65
Date:
2010-09-09 18:23:25 UTC
From:
To:
Just some information for anyone trying to figure this out.

svn interfacing with gnome-keyring seems to work for me in current
squeeze.  But I got exactly this problem (same error message "Password
for 'login' GNOME keyring: svn: GNOME Keyring is locked and we are
non-interactive") when I installed the backport version of the
subversion package on lenny, 1.6.12dfsg-1~bpo50+2.  (a different machine
that shares files but not the home directory.)  The lenny machine is
also amd64, while the squeeze one i386.  Not sure if that is important.

The squeeze version does seem to work right because the password I
entered does now show in the gnome-keyring and the entry in
.subversion/auth/svn.simple lists passtype as gnome-keyring and it works.

Thanks for the above workaround hint to keep svn from trying to query
the gnome-keyring.  I can live with that until I upgrade.