Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gnome3: Allow disabling gnome-keyring #42293

Closed
wants to merge 1 commit into from
Closed

gnome3: Allow disabling gnome-keyring #42293

wants to merge 1 commit into from

Conversation

dpc
Copy link
Contributor

@dpc dpc commented Jun 20, 2018

Motivation for this change

Allow workaround for #42291

Things done

I actually wasn't able to test it, because

sudo nixos-rebuild switch -I nixpkgs=(pwd)
(...)
patching /nix/store/lnpnpabyc557g3qzdlww5s7djqjc0gwh-extra-utils/bin/cryptsetup-askpass...
not an ELF executable
testing patched programs...
hello world
238
mdadm - v4.0 - 2017-01-09
btrfs-progs v4.15.1
/nix/store/lnpnpabyc557g3qzdlww5s7djqjc0gwh-extra-utils/bin/cryptsetup: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory
builder for '/nix/store/g1xy82aw9byq7yvvi4xqx3kf3xz8fqsi-extra-utils.drv' failed with exit code 127
cannot build derivation '/nix/store/9jrd9xsagyimg9l83mjbg3z38b3axf3n-stage-1-init.sh.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/s1ifmwplfgywvdrl99qbwl8p2i3z28p1-initrd.drv': 1 dependencies couldn't be built
cannot build derivation '/nix/store/knqa113rwkpkyb8qiv78h1lmkjzs2y8g-nixos-system-futex.dpc.pw-18.09.git.1903bfc.drv': 1 dependencies couldn't be built
error: build of '/nix/store/knqa113rwkpkyb8qiv78h1lmkjzs2y8g-nixos-system-futex.dpc.pw-18.09.git.1903bfc.drv' failed

with or without this change. And I'm a noob, so it will take me a while to understand what's wrong.

  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@dpc
gnome3: Allow disabling gnome-keyring
1903bfc 
Gnome keyring sets `SSH_AUTH_SOCK` on start of gnome session. This
breaks a lot of internal Nix scripts. Also `gnome-keyring-daemon`
is generally problematic (eg. it doesn't support smartcards for gpg).

After this change it should be possible to disable gnome-keyring
explicitly while still using full gnome3 session.
@jtojnar
Copy link
Contributor

jtojnar commented Jun 20, 2018

I am actually not sure why some services use mkDefault and others not. Maybe it is a distinction between critical and optional services – for example, libsecret requires some keyring provider to be installed, so disabling GNOME Keyring might break your system, thus the need for explicit use of mkForce.

Unfortunately, Nix cannot really capture the package's dependencies on systemd services, which are global by nature.

@dpc dpc mentioned this pull request Jun 20, 2018
Closed
@jtojnar jtojnar closed this Jun 20, 2018
@jtojnar
Copy link
Contributor

jtojnar commented Jun 20, 2018

Closing as GNOME Keyring is a critical GNOME component and disabling it should not be easy, see above and the linked issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
6.topic: nixos 8.has: module (update) 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dpc @jtojnar @GrahamcOfBorg