[gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[thelma]

After update to new chrome browser "google-chrome-103.0.5060"
A popup shows up:

"choose password for new keyring"

No explanation what is it, how to change it etc.  Is it needed?

Was it discuss before?

-- 
Thelma

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Dale]

thelma@sys-concept.com wrote:
> After update to new chrome browser "google-chrome-103.0.5060"
> A popup shows up:
>
> "choose password for new keyring"
>
> No explanation what is it, how to change it etc.  Is it needed?
>
> Was it discuss before?
>


I don't use Chrome but google found this.

https://forums.linuxmint.com/viewtopic.php?t=312289

This may help too.

https://superuser.com/questions/890150/completely-stop-gnome-keyring-popups

Does one of those help?  They seem to address the problem in slightly
different ways. 

Dale

:-)  :-) 

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[thelma]

On 7/7/22 20:23, Dale wrote:
> thelma@sys-concept.com wrote:
>> After update to new chrome browser "google-chrome-103.0.5060"
>> A popup shows up:
>>
>> "choose password for new keyring"
>>
>> No explanation what is it, how to change it etc.  Is it needed?
>>
>> Was it discuss before?
>>
> 
> 
> I don't use Chrome but google found this.
> 
> https://forums.linuxmint.com/viewtopic.php?t=312289
> 
> This may help too.
> 
> https://superuser.com/questions/890150/completely-stop-gnome-keyring-popups
> 
> Does one of those help?  They seem to address the problem in slightly
> different ways.
> 
> Dale
> 
> :-)  :-)

Thanks,  there is a lot of information how to by-pass it but very little explanation which application request it or why is it there.
  

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Dale]

thelma@sys-concept.com wrote:
> On 7/7/22 20:23, Dale wrote:
>> thelma@sys-concept.com wrote:
>>> After update to new chrome browser "google-chrome-103.0.5060"
>>> A popup shows up:
>>>
>>> "choose password for new keyring"
>>>
>>> No explanation what is it, how to change it etc.  Is it needed?
>>>
>>> Was it discuss before?
>>>
>>
>>
>> I don't use Chrome but google found this.
>>
>> https://forums.linuxmint.com/viewtopic.php?t=312289
>>
>> This may help too.
>>
>> https://superuser.com/questions/890150/completely-stop-gnome-keyring-popups
>>
>>
>> Does one of those help?  They seem to address the problem in slightly
>> different ways.
>>
>> Dale
>>
>> :-)  :-)
>
> Thanks,  there is a lot of information how to by-pass it but very
> little explanation which application request it or why is it there.
>  
>
>


One thing I read makes it sound like it is for a built in password
remembering tool. I know Firefox and Seamonkey has the same but I
disable those since I use BitWarden anyway.  One would think there would
be a setting in preferences to just disable all that.  I suspect few use
them given the popularity of LastPass, BitWarden and other tools that
are much more secure and portable.  Maybe looking for a password tool
setting would help.  I tried Chrome ages ago, didn't like it at all. 
That was several years ago so I'm clueless on it now.  Just thought
those suggestions might help. 

Dale

:-)  :-) 

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[thelma]

On 7/7/22 21:28, Dale wrote:
> thelma@sys-concept.com wrote:
>> On 7/7/22 20:23, Dale wrote:
>>> thelma@sys-concept.com wrote:
>>>> After update to new chrome browser "google-chrome-103.0.5060"
>>>> A popup shows up:
>>>>
>>>> "choose password for new keyring"
>>>>
>>>> No explanation what is it, how to change it etc.  Is it needed?
>>>>
>>>> Was it discuss before?
>>>>
>>>
>>>
>>> I don't use Chrome but google found this.
>>>
>>> https://forums.linuxmint.com/viewtopic.php?t=312289
>>>
>>> This may help too.
>>>
>>> https://superuser.com/questions/890150/completely-stop-gnome-keyring-popups
>>>
>>>
>>> Does one of those help?  They seem to address the problem in slightly
>>> different ways.
>>>
>>> Dale
>>>
>>> :-)  :-)
>>
>> Thanks,  there is a lot of information how to by-pass it but very
>> little explanation which application request it or why is it there.
>>   
>>
>>
> 
> 
> One thing I read makes it sound like it is for a built in password
> remembering tool. I know Firefox and Seamonkey has the same but I
> disable those since I use BitWarden anyway.  One would think there would
> be a setting in preferences to just disable all that.  I suspect few use
> them given the popularity of LastPass, BitWarden and other tools that
> are much more secure and portable.  Maybe looking for a password tool
> setting would help.  I tried Chrome ages ago, didn't like it at all.
> That was several years ago so I'm clueless on it now.  Just thought
> those suggestions might help.
> 
> Dale
> 
> :-)  :-)

Starting chrome with "--password-store=basic" solved the problem.
  

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Dale]

thelma@sys-concept.com wrote:
> On 7/7/22 21:28, Dale wrote:
>> thelma@sys-concept.com wrote:
>>> On 7/7/22 20:23, Dale wrote:
>>>> thelma@sys-concept.com wrote:
>>>>> After update to new chrome browser "google-chrome-103.0.5060"
>>>>> A popup shows up:
>>>>>
>>>>> "choose password for new keyring"
>>>>>
>>>>> No explanation what is it, how to change it etc.  Is it needed?
>>>>>
>>>>> Was it discuss before?
>>>>>
>>>>
>>>>
>>>> I don't use Chrome but google found this.
>>>>
>>>> https://forums.linuxmint.com/viewtopic.php?t=312289
>>>>
>>>> This may help too.
>>>>
>>>> https://superuser.com/questions/890150/completely-stop-gnome-keyring-popups
>>>>
>>>>
>>>>
>>>> Does one of those help?  They seem to address the problem in slightly
>>>> different ways.
>>>>
>>>> Dale
>>>>
>>>> :-)  :-)
>>>
>>> Thanks,  there is a lot of information how to by-pass it but very
>>> little explanation which application request it or why is it there.
>>>  
>>>
>>
>>
>> One thing I read makes it sound like it is for a built in password
>> remembering tool. I know Firefox and Seamonkey has the same but I
>> disable those since I use BitWarden anyway.  One would think there would
>> be a setting in preferences to just disable all that.  I suspect few use
>> them given the popularity of LastPass, BitWarden and other tools that
>> are much more secure and portable.  Maybe looking for a password tool
>> setting would help.  I tried Chrome ages ago, didn't like it at all.
>> That was several years ago so I'm clueless on it now.  Just thought
>> those suggestions might help.
>>
>> Dale
>>
>> :-)  :-)
>
> Starting chrome with "--password-store=basic" solved the problem.
>  
>
>


You found a solution that works.  That's great.  Now you can get back to
doing more important things.  ;-)

Dale

:-)  :-) 

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[thelma]

On 7/7/22 21:50, Dale wrote:
> thelma@sys-concept.com wrote:
>> On 7/7/22 21:28, Dale wrote:
>>> thelma@sys-concept.com wrote:
>>>> On 7/7/22 20:23, Dale wrote:
>>>>> thelma@sys-concept.com wrote:
>>>>>> After update to new chrome browser "google-chrome-103.0.5060"
>>>>>> A popup shows up:
>>>>>>
>>>>>> "choose password for new keyring"
>>>>>>
>>>>>> No explanation what is it, how to change it etc.  Is it needed?
>>>>>>
>>>>>> Was it discuss before?
>>>>>>
>>>>>
>>>>>
>>>>> I don't use Chrome but google found this.
>>>>>
>>>>> https://forums.linuxmint.com/viewtopic.php?t=312289
>>>>>
>>>>> This may help too.
>>>>>
>>>>> https://superuser.com/questions/890150/completely-stop-gnome-keyring-popups
>>>>>
>>>>>
>>>>>
>>>>> Does one of those help?  They seem to address the problem in slightly
>>>>> different ways.
>>>>>
>>>>> Dale
>>>>>
>>>>> :-)  :-)
>>>>
>>>> Thanks,  there is a lot of information how to by-pass it but very
>>>> little explanation which application request it or why is it there.
>>>>   
>>>>
>>>
>>>
>>> One thing I read makes it sound like it is for a built in password
>>> remembering tool. I know Firefox and Seamonkey has the same but I
>>> disable those since I use BitWarden anyway.  One would think there would
>>> be a setting in preferences to just disable all that.  I suspect few use
>>> them given the popularity of LastPass, BitWarden and other tools that
>>> are much more secure and portable.  Maybe looking for a password tool
>>> setting would help.  I tried Chrome ages ago, didn't like it at all.
>>> That was several years ago so I'm clueless on it now.  Just thought
>>> those suggestions might help.
>>>
>>> Dale
>>>
>>> :-)  :-)
>>
>> Starting chrome with "--password-store=basic" solved the problem.
>>   
>>
>>
> 
> 
> You found a solution that works.  That's great.  Now you can get back to
> doing more important things.  ;-)
> 
> Dale
> 
> :-)  :-)

By upgrading one of my system, I've just noticed this behaviour is enforced (I think) by new package that was pulled by emerge:
[ebuild  N    ] gnome-base/gnome-keyring-42.1  USE="pam ssh-agent (-selinux) -systemd -test"
Upgrading just "chrome" did not ask me for any keyring password.

I don't use gnome, I use XFCE but I guess one of the package pull this as a dependency.
  

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Dale]

thelma@sys-concept.com wrote:
> On 7/7/22 21:50, Dale wrote:
>>
>>
>> You found a solution that works.  That's great.  Now you can get back to
>> doing more important things.  ;-)
>>
>> Dale
>>
>> :-)  :-)
>
> By upgrading one of my system, I've just noticed this behaviour is
> enforced (I think) by new package that was pulled by emerge:
> [ebuild  N    ] gnome-base/gnome-keyring-42.1  USE="pam ssh-agent
> (-selinux) -systemd -test"
> Upgrading just "chrome" did not ask me for any keyring password.
>
> I don't use gnome, I use XFCE but I guess one of the package pull this
> as a dependency.
>  
>
>


Could disabling a USE flag remove that dependency?  It may not be
google-chrome itself but something else it depends on.  Using the --tree
option may help here.  Masking the keyring package may force emerge to
shine some light on what needs the package as well.  It should grumble
about it being masked along with what needs it. 

Sort of odd that something like this pops up all of a sudden with no
notice of the change. 

Dale

:-)  :-) 

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Dr Rainer Woitok]

Thelma,

On Thursday, 2022-07-07 23:13:47 -0600, thelma@sys-concept.com wrote:

> ...
> By upgrading one of my system, I've just noticed this behaviour is enforced (I think) by new package that was pulled by emerge:
> [ebuild  N    ] gnome-base/gnome-keyring-42.1  USE="pam ssh-agent (-selinux) -systemd -test"
> Upgrading just "chrome" did not ask me for any keyring password.
> 
> I don't use gnome, I use XFCE but I guess one of the package pull this as a dependency.

Run

   $ emerge --pretend --unmerge gnome-base/gnome-keyring

to get  the list  of packages  depending on  "gnome-base/gnome-keyring".
Then check  each of  these packages  for a set USE flag  causing "gnome-
base/gnome-keyring" to be pulled in.   At least in many cases such a USE
flag will be named just "gnome-keyring".

Sincerely,
  Rainer

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[John Covici]

On Fri, 08 Jul 2022 05:01:17 -0400,
Dr Rainer Woitok wrote:
> 
> Thelma,
> 
> On Thursday, 2022-07-07 23:13:47 -0600, thelma@sys-concept.com wrote:
> 
> > ...
> > By upgrading one of my system, I've just noticed this behaviour is enforced (I think) by new package that was pulled by emerge:
> > [ebuild  N    ] gnome-base/gnome-keyring-42.1  USE="pam ssh-agent (-selinux) -systemd -test"
> > Upgrading just "chrome" did not ask me for any keyring password.
> > 
> > I don't use gnome, I use XFCE but I guess one of the package pull this as a dependency.
> 
> Run
> 
>    $ emerge --pretend --unmerge gnome-base/gnome-keyring
> 
> to get  the list  of packages  depending on  "gnome-base/gnome-keyring".
> Then check  each of  these packages  for a set USE flag  causing "gnome-
> base/gnome-keyring" to be pulled in.   At least in many cases such a USE
> flag will be named just "gnome-keyring".
Should not this instruction say emerge --pretend  --depclean rather
than --unmerge ?

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici wb2una
         covici@ccs.covici.com

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Matt Connell]

> > > By upgrading one of my system, I've just noticed this behaviour is enforced (I think) by new package that was pulled by emerge:
> > > [ebuild  N    ] gnome-base/gnome-keyring-42.1  USE="pam ssh-agent (-selinux) -systemd -test"

> > > I don't use gnome, I use XFCE but I guess one of the package pull this as a dependency.

Anecdote time from a fellow XFCE user.  I previously fought against
having gnome-keyring and eventually gave up, since more and more things
wanted to use it.  Now, I find it quite useful.  Lots of GTK
applications (and XFCE is GTK based) want to use gnome-keyring, and
between evolution, dbeaver, nheko, and others, it has become a benefit
(to me) rather than an annoyance.

If you decide to give it a try, app-crypt/seahorse is a useful
companion application for managing the keyring's contents.

> 
> Should not this instruction say emerge --pretend  --depclean rather
> than --unmerge ?

Since its pretended, the result is the same, ultimately.

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Arve Barsnes]

On Fri, 8 Jul 2022 at 15:34, Matt Connell <matt@connell.tech> wrote:
> > Should not this instruction say emerge --pretend  --depclean rather
> > than --unmerge ?
>
> Since its pretended, the result is the same, ultimately.
>

Actually, none of them gives you any info about why a package is
installed, and --unmerge doesn't even try to check. Without --pretend
it's perfectly happy to let you shoot yourself in the foot. What you
actually need to get portage to tell you what requires the package in
question is
# emerge --pretend --depclean --verbose gnome-keyring

Regards,
Arve

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Matt Connell]

On Fri, 2022-07-08 at 09:34 -0400, Matt Connell wrote:
> > Should not this instruction say emerge --pretend  --depclean rather
> > than --unmerge ?
> 
> Since its pretended, the result is the same, ultimately.

I take this back.  You're correct.  depclean should show you what
packages depend on $package which is what is desired.

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[thelma]

Thelma
On 7/8/22 08:02, Arve Barsnes wrote:
> On Fri, 8 Jul 2022 at 15:34, Matt Connell <matt@connell.tech> wrote:
>>> Should not this instruction say emerge --pretend  --depclean rather
>>> than --unmerge ?
>>
>> Since its pretended, the result is the same, ultimately.
>>
> 
> Actually, none of them gives you any info about why a package is
> installed, and --unmerge doesn't even try to check. Without --pretend
> it's perfectly happy to let you shoot yourself in the foot. What you
> actually need to get portage to tell you what requires the package in
> question is
> # emerge --pretend --depclean --verbose gnome-keyring
> 
> Regards,
> Arve

OK I think I got to the bottom of this, it is caused by package upgrade:
[ebuild     U ] app-crypt/gcr-3.41.0 [3.40.0] USE="gtk introspection vala -gtk-doc -systemd% -test"

All other packages are new and pull-in as a dependency:

gnome-base/gnome-keyring-42.1 pulled in by:
     virtual/secret-service-0 requires gnome-base/gnome-keyring

grep secret-service upgrade_07-07-22.txt
[ebuild  N    ] virtual/secret-service-0

virtual/secret-service-0 pulled in by:
     app-crypt/libsecret-0.20.5-r3 requires =virtual/secret-service-0, virtual/secret-service

grep app-crypt/libsecret upgrade_07-07-22.txt
[ebuild  N    ] app-crypt/libsecret-0.20.5-r3  USE="crypt introspection vala -gtk-doc -test -tpm" ABI_X86="(64) -32 (-x32)"

app-crypt/libsecret-0.20.5-r3 pulled in by:
     app-crypt/gcr-3.41.0 requires >=app-crypt/libsecret-0.20

And "app-crypt/gcr" was an upgrade.

So maybe it is better to leave it as it is, instead of fighting the system :-)
But it would be nice if there were some notes about it during emerge.
All of a sudden when starting chrome, a message box pops up "choose password for new keyring" (without any explanation) and all screen is frozen, only option is to enter a password or "cancel it".

Thelma

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 733 bytes --]

On Fri, 8 Jul 2022 10:20:12 -0600, thelma@sys-concept.com wrote:

> gnome-base/gnome-keyring-42.1 pulled in by:
>      virtual/secret-service-0 requires gnome-base/gnome-keyring
> 
> grep secret-service upgrade_07-07-22.txt
> [ebuild  N    ] virtual/secret-service-0
> 
> virtual/secret-service-0 pulled in by:
>      app-crypt/libsecret-0.20.5-r3 requires =virtual/secret-service-0,
> virtual/secret-service

The secret-service ebuild contains

RDEPEND="|| (
    gnome-base/gnome-keyring
    app-admin/keepassxc
)"

so emerge -1 keepassxc will keep gnome-keyring out, but you need one of
these password managers.


-- 
Neil Bothwick

Voting Democrat or Republican is like choosing a cabin in the Titanic.

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[thelma]

On 7/8/22 11:12, Neil Bothwick wrote:
> On Fri, 8 Jul 2022 10:20:12 -0600, thelma@sys-concept.com wrote:
> 
>> gnome-base/gnome-keyring-42.1 pulled in by:
>>       virtual/secret-service-0 requires gnome-base/gnome-keyring
>>
>> grep secret-service upgrade_07-07-22.txt
>> [ebuild  N    ] virtual/secret-service-0
>>
>> virtual/secret-service-0 pulled in by:
>>       app-crypt/libsecret-0.20.5-r3 requires =virtual/secret-service-0,
>> virtual/secret-service
> 
> The secret-service ebuild contains
> 
> RDEPEND="|| (
>      gnome-base/gnome-keyring
>      app-admin/keepassxc
> )"
> 
> so emerge -1 keepassxc will keep gnome-keyring out, but you need one of
> these password managers.

I intent to keep it as it is.  My question are:

- if I enter password for the keyring, how to change it in the future.
- do I need to keep that password, will I be ask to use the password
- which application application are using this keyring?

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Matt Connell]

On Fri, 2022-07-08 at 11:26 -0600, thelma@sys-concept.com wrote:
> - if I enter password for the keyring, how to change it in the future.

The aforementioned seahorse will allow you to manage this.  I'm certain
there's a CLI way to access it.

> - do I need to keep that password, will I be ask to use the password

You'll be asked for this password whenever some application tries to
read protected secrets from the keyring, eg. Chrome, in this case.

I believe pam can be configured to allow gnome-keyring to authenticate
against your X(FCE) session login, but I've never bothered to set this
up.

> - which application application are using this keyring?

Lots of things can hook into the keyring optionally.  I mentioned a
few.  Chrome, Chromium, Brave, dBeaver, nheko, Evolution.

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Dr Rainer Woitok]

Thelma,

On Friday, 2022-07-08 10:20:12 -0600, you wrote:

> ...
> app-crypt/libsecret-0.20.5-r3 pulled in by:
>      app-crypt/gcr-3.41.0 requires >=app-crypt/libsecret-0.20
> 
> And "app-crypt/gcr" was an upgrade.

This does not happen  with the stable version 3.40.0 of "app-crypt/gcr",
only with the  non-stable version 3.41.0  which has this additional dep-
endency.   But then, as soon as 3.41.0 will become stable you'd have the
same problem.

Sincerely,
  Rainer

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Wols Lists]

On 08/07/2022 07:44, Dale wrote:
> thelma@sys-concept.com wrote:
>> On 7/7/22 21:50, Dale wrote:
>>>
>>>
>>> You found a solution that works.  That's great.  Now you can get back to
>>> doing more important things.  ;-)
>>>
>>> Dale
>>>
>>> :-)  :-)
>>
>> By upgrading one of my system, I've just noticed this behaviour is
>> enforced (I think) by new package that was pulled by emerge:
>> [ebuild  N    ] gnome-base/gnome-keyring-42.1  USE="pam ssh-agent
>> (-selinux) -systemd -test"
>> Upgrading just "chrome" did not ask me for any keyring password.
>>
>> I don't use gnome, I use XFCE but I guess one of the package pull this
>> as a dependency.
>>   
>>
>>
> 
> 
> Could disabling a USE flag remove that dependency?  It may not be
> google-chrome itself but something else it depends on.  Using the --tree
> option may help here.  Masking the keyring package may force emerge to
> shine some light on what needs the package as well.  It should grumble
> about it being masked along with what needs it.
> 
> Sort of odd that something like this pops up all of a sudden with no
> notice of the change.
> 
So why am I glad my USE= includes "-gnome" :-)

Although I don't use Chrome, so I wouldn't notice anyways :-)

Cheers,
Wol

[gentoo-user] Re: google-chrome-103.0.5060 - choose password for new keyring

[Martin Vaeth]

Wols Lists <antlists@youngman.org.uk> wrote:
> So why am I glad my USE= includes "-gnome" :-)
>
> Although I don't use Chrome, so I wouldn't notice anyways :-)

You are wrong: The dependency is unconditional, so USE=-gnome won't help.

What helps is to put a version of virtual/secret-service in your local
repository which does not actually pull in anything.
That's not very elegent, though: If suddenly the dependency is real,
things will break “silently”.

Re: [gentoo-user] google-chrome-103.0.5060 - choose password for new keyring

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 831 bytes --]

On Sat, 9 Jul 2022 18:12:51 +0100, Wols Lists wrote:

> > Could disabling a USE flag remove that dependency?  It may not be
> > google-chrome itself but something else it depends on.  Using the
> > --tree option may help here.  Masking the keyring package may force
> > emerge to shine some light on what needs the package as well.  It
> > should grumble about it being masked along with what needs it.
> > 
> > Sort of odd that something like this pops up all of a sudden with no
> > notice of the change.
> >   
> So why am I glad my USE= includes "-gnome" :-)
> 
> Although I don't use Chrome, so I wouldn't notice anyways :-)

google-chrome is a binary package, so USE flags won't make any difference
to its dependencies.


-- 
Neil Bothwick

We are from the planet Taglinis. Take us to your reader!

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]