On Mon, 2007-03-19 at 14:53 +0530, Rahul Sundaram wrote:
Jon Nettleton wrote:
Well you guys caught me at a good time. I am on vacation this week and one of the things I had planned was to finally push the next version of pam_keyring. This version will have password changing support in it and should close bug #212845.
Excellent.
I also started working on mockups of system-config-authentication that include a tab that would detect if you had pam_keyring or pam_ssh was available and add check boxes to enable it at graphical login.
This would be useful.
Maybe I
will spend and hour or two and finish that up. Does that sound like a good solution for bug #232857?
I would want to actually have it all just work. gnome-keyring should offer to use the login password by default or just do it. I dont want to fiddle with options anywhere but exposing that options in system-config-authentication or gnome-keyring itself would help in the case that users for some reason want to have separate passwords for the login and keyring.
Way back when I first started this work to better integrate gnome-keyring I had a grand vision of how this all worked. Basically I want to create an login keyring. The idea being that an option you can set for a keyring is on_login. Gnome_keyring would then add the keyringname and password to the login keyring. Pam_keyring would then unlock the login keyring and then for each keyringname it found try to unlock that keyring with the associated password.
I think this would lend itself to allowing per application keyrings, and other options that would be better than stuffing everything in the default keyring. I think all of this will integrate better if seahorse replaces gnome-keyring-manager. Revelation might also be a good alternate frontend.
Jon