On Mon, 2007-03-19 at 14:53 +0530, Rahul Sundaram wrote:
Jon Nettleton wrote:
> Well you guys caught me at a good time. I am on vacation this week and
> one of the things I had planned was to finally push the next version of
> pam_keyring. This version will have password changing support in it and
> should close bug #212845.
Excellent.
>
> I also started working on mockups of system-config-authentication that
> include a tab that would detect if you had pam_keyring or pam_ssh was
> available and add check boxes to enable it at graphical login.
This would be useful.
Maybe I
> will spend and hour or two and finish that up. Does that sound like a
> good solution for bug #232857?
I would want to actually have it all just work. gnome-keyring should
offer to use the login password by default or just do it. I dont want to
fiddle with options anywhere but exposing that options in
system-config-authentication or gnome-keyring itself would help in the
case that users for some reason want to have separate passwords for the
login and keyring.
Way back when I first started this work to better integrate
gnome-keyring I had a grand vision of how this all worked. Basically I
want to create an login keyring. The idea being that an option you can
set for a keyring is on_login. Gnome_keyring would then add the
keyringname and password to the login keyring. Pam_keyring would then
unlock the login keyring and then for each keyringname it found try to
unlock that keyring with the associated password.
I think this would lend itself to allowing per application keyrings, and
other options that would be better than stuffing everything in the
default keyring. I think all of this will integrate better if seahorse
replaces gnome-keyring-manager. Revelation might also be a good
alternate frontend.
Jon