Summary: | Secret Portal fails to store secret for Flatpak applications | ||
---|---|---|---|
Product: | [Frameworks and Libraries] frameworks-kwallet | Reporter: | snow flurry <snow> |
Component: | general | Assignee: | Valentin Rusu <valir> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | 3f15f7ea, 4wy78uwh, aleixpol, alex-bugs.kde.org, bizyaev, kdelibs-bugs, mail, mildred-bug.kde, nate, nicolas.fella, sitter, waynejwoww |
Priority: | NOR | ||
Version: | 6.2.0 | ||
Target Milestone: | --- | ||
Platform: | Gentoo Packages | ||
OS: | Linux | ||
See Also: | https://bugs.kde.org/show_bug.cgi?id=492541 | ||
Latest Commit: | https://invent.kde.org/frameworks/kwallet/-/commit/fc097984e7a6ea127fe7e0ca9df2ff98271888d3 | Version Fixed In: | 6.2.1 |
Sentry Crash Report: |
Description
snow flurry
2024-05-22 03:10:06 UTC
Maybe this requires the Flatpak packaging to have appropriate permissions? Thanks, the test program was very helpful! A possibly relevant merge request was started @ https://invent.kde.org/frameworks/kwallet/-/merge_requests/84 *** Bug 487094 has been marked as a duplicate of this bug. *** The problem does also occur with the KDE wallet subsystem _disabled_ in the KDE Wallet System Settings. Git commit 425cf15fc9116a1fc115dd52eb5537c2eb5d66be by Nicolas Fella. Committed on 22/05/2024 at 20:11. Pushed by nicolasfella into branch 'master'. Fix secrets portal wallet access The current code checks whether the wallet is open and only if it's not calls openAsync However kwallet internally tracks which apps have openend the wallet and only gives access to those that have called open This works fine if the portal request triggered the opening of the wallet and subsequent access works, but if the wallet was opened by another app before any attempt to read from the wallet will fail To fix this always open the wallet before accessing. This allows to simplify the code since we then can tie a portal request to a KWallet transaction ID. Also consistently use xdg-desktop-portal as appid when making calls to kwallet M +11 -25 src/runtime/kwalletd/kwalletportalsecrets.cpp M +1 -3 src/runtime/kwalletd/kwalletportalsecrets.h https://invent.kde.org/frameworks/kwallet/-/commit/425cf15fc9116a1fc115dd52eb5537c2eb5d66be Git commit fc097984e7a6ea127fe7e0ca9df2ff98271888d3 by Nicolas Fella. Committed on 24/05/2024 at 19:55. Pushed by nicolasfella into branch 'Frameworks/6.2'. Fix secrets portal wallet access The current code checks whether the wallet is open and only if it's not calls openAsync However kwallet internally tracks which apps have openend the wallet and only gives access to those that have called open This works fine if the portal request triggered the opening of the wallet and subsequent access works, but if the wallet was opened by another app before any attempt to read from the wallet will fail To fix this always open the wallet before accessing. This allows to simplify the code since we then can tie a portal request to a KWallet transaction ID. Also consistently use xdg-desktop-portal as appid when making calls to kwallet (cherry picked from commit 425cf15fc9116a1fc115dd52eb5537c2eb5d66be) M +11 -25 src/runtime/kwalletd/kwalletportalsecrets.cpp M +1 -3 src/runtime/kwalletd/kwalletportalsecrets.h https://invent.kde.org/frameworks/kwallet/-/commit/fc097984e7a6ea127fe7e0ca9df2ff98271888d3 *** Bug 492541 has been marked as a duplicate of this bug. *** It is not clear whether this actually has been resolved. Multiple users claim that it still happens on their systems with KWallet 6.5 and even that the freedesktop secrets service is (in some cases) now broken for non-Flatpak applications as well since the 6.5 update. Please see this new ticket: https://bugs.kde.org/show_bug.cgi?id=492541 And also the downstream (Fedora) ticket: https://bugzilla.redhat.com/show_bug.cgi?id=2276060 |