Bug 470275 - account stuck offline, could not read the password, despite clicking "Store Password" on setup
Summary: account stuck offline, could not read the password, despite clicking "Store P...
Status: REPORTED
Alias: None
Product: kmail2
Classification: Applications
Component: general (show other bugs)
Version: 5.23.1
Platform: Arch Linux Linux
: NOR normal
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-05-26 05:21 UTC by andy
Modified: 2023-05-26 05:21 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description andy 2023-05-26 05:21:21 UTC 
SUMMARY
The GUI suggests during account setup that it can store my password in a config file if KWallet isn't available, but it doesn't seem to be the case. I never get prompted for OAuth login to gmail, and it says "Could not read the password: user rejected wallet access" despite initially providing the password and clicking the button to agree to store it in the config file.

STEPS TO REPRODUCE
1. Run kmail in it's own isolated user account, without kwallet: sudo machinectl --uid=1001 -E DISPLAY=:0 shell .host /bin/kmail
2. Add mail account
3. Enter Full name, E-mail address (for me gmail), and password. Leave "Find provider settings" checked.
4. Click Next, leave detected settings and IMAP toggled and click "Add Account"
5. Notice the pop up message that says the following:

Title: "KWallet Not Available - Account Assistant"
Message: "QKeychain not found a backend for storing your password. It is strongly recommended to use strong backend for managing your passwords. However, the password can be stored in the configuration file instead. The password is stored in an obfuscated format, but should not be considered secure from decryption efforts if access to the configuration file is obtained. Do you want to store the password for server 'Google Mail (<account name>)' in the configuration file?"
Options: [Store Password, Do Not Store Password]

6. Pick "Store Password" option.



OBSERVED RESULT
Under Accounts, see an icon for offline, and the message "Could not read the password: user rejected wallet access"

When trying to check mail, see this spammed in stdout:

Couldn't start kwalletd:  QDBusError("org.freedesktop.DBus.Error.Spawn.ChildSignaled", "Process org.kde.kwalletd5 received signal 6")
Couldn't start kwalletd:  QDBusError("org.freedesktop.DBus.Error.Spawn.ChildSignaled", "Process org.kde.kwalletd5 received signal 6")
Couldn't start kwalletd:  QDBusError("org.freedesktop.DBus.Error.Spawn.ChildSignaled", "Process org.kde.kwalletd5 received signal 6")
Couldn't start kwalletd:  QDBusError("org.freedesktop.DBus.Error.Spawn.ChildSignaled", "Process org.kde.kwalletd5 received signal 6")
Couldn't start kwalletd:  QDBusError("org.freedesktop.DBus.Error.Spawn.ChildSignaled", "Process org.kde.kwalletd5 received signal 6")
Couldn't start kwalletd:  QDBusError("org.freedesktop.DBus.Error.Spawn.ChildSignaled", "Process org.kde.kwalletd5 received signal 6")
org.kde.kgapi: KWallet: failed to open wallet (maybe it's disabled?


EXPECTED RESULT
The password is stored in the config file as described by the popup message.
I should be getting an OAuth2 login window and then be able to check mail.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Arch Linux
KDE Plasma Version: 5.27.5
KDE Frameworks Version: 5.106.0
Qt Version: 5.15.9

ADDITIONAL INFORMATION
I want to run KMail isolated in another user account to isolate my emails from other apps. KWallet does not make anything more secure in this scenario, since it's the only program running under this specific user.

Another issue with this approach (sudo machinectl --uid=1001 -E DISPLAY=:0 shell .host /bin/kmail) is that when you close KMail, akonadi services are left running, so it isn't a clean exit of the session. I'm not sure how to solve other than manually killing it.