Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

You're running in a KDE environment but the OS keyring is not available for encryption. Ensure you have kwallet running. #189672

Closed
irfanhakim-as opened this issue Aug 4, 2023 · 11 comments
Closed

You're running in a KDE environment but the OS keyring is not available for encryption. Ensure you have kwallet running. #189672

irfanhakim-as opened this issue Aug 4, 2023 · 11 comments
Assignees
@TylerLeonhardt
Labels
info-needed Issue requires more information from poster

Comments

@irfanhakim-as
Copy link

irfanhakim-as commented Aug 4, 2023
edited
Loading

Does this issue occur when all extensions are disabled?: Yes

  • VS Code Version: 1.81.0-1690980880 (Flatpak, latest currently available)
  • OS Version: EndeavourOS Linux x86_64, 6.4.7-arch1-3, KDE Plasma 5.27.7

Steps to Reproduce:

  1. Launch VS Code
  2. Gets prompt to "Sign in to use GitHub Copilot" (instead of having access to it from the get-go as before)
  3. Click the option to "Sign in to GitHub"
  4. Gets prompt from VS Code saying "The extension 'GitHub Copilot' wants to sign in using GitHub."
  5. Click "Allow"
  6. Primary browser with GitHub logged in gets launched with a new tab posting a request to "https://github.com/login/oauth/authorize"
  7. Automatically redirected back to VS Code with access to Copilot/Settings Sync
  8. Gets an error prompt stating the error message (as per title)

As requested by @TylerLeonhardt in #187842, I've ran flatpak run com.visualstudio.code --verbose --vmodule="*/components/os_crypt/*=1" and logged the output. The most notable snippet to me from the log, being:

[23:0805/013706.938928:VERBOSE1:key_storage_util_linux.cc(54)] Password storage detected desktop environment: KDE5
[23:0805/013706.938942:VERBOSE1:key_storage_linux.cc(122)] Selected backend for OSCrypt: KWALLET5
[23:0805/013706.940420:ERROR:object_proxy.cc(623)] Failed to call method: org.kde.KWallet.isEnabled: object_path= /modules/kwalletd5: org.freedesktop.DBus.Error.ServiceUnknown: org.freedesktop.DBus.Error.ServiceUnknown
[23:0805/013706.940428:ERROR:kwallet_dbus.cc(100)] Error contacting kwalletd5 (isEnabled)
[23:0805/013706.940509:ERROR:object_proxy.cc(623)] Failed to call method: org.kde.KLauncher.start_service_by_desktop_name: object_path= /KLauncher: org.freedesktop.DBus.Error.ServiceUnknown: org.freedesktop.DBus.Error.ServiceUnknown
[23:0805/013706.940513:ERROR:kwallet_dbus.cc(72)] Error contacting klauncher to start kwalletd5
[23:0805/013706.940516:WARNING:key_storage_linux.cc(208)] OSCrypt tried KWallet but couldn't initialise.
[23:0805/013706.940582:ERROR:object_proxy.cc(623)] Failed to call method: org.kde.KWallet.close: object_path= /modules/kwalletd5: org.freedesktop.DBus.Error.ServiceUnknown: org.freedesktop.DBus.Error.ServiceUnknown
[23:0805/013706.940586:ERROR:kwallet_dbus.cc(418)] Error contacting kwalletd5 (close)
[23:0805/013706.940661:VERBOSE1:key_storage_linux.cc(142)] OSCrypt did not initialize a backend.

Please let me know if there's anything else I should include in this issue - such as the full output of the log. Thanks!
@vscodenpa
Copy link

Thanks for creating this issue! It looks like you may be using an old version of VS Code, the latest stable release is 1.81.0. Please try upgrading to the latest version and checking whether this issue remains.

Happy Coding!

@TylerLeonhardt TylerLeonhardt removed their assignment Aug 7, 2023
@TylerLeonhardt
Copy link
Member

TylerLeonhardt commented Aug 7, 2023
edited
Loading

Could you try launching again but this time with --password-store=gnome-libsecret or set "password-store":"gnome-libsecret" in the JSON file that opens with the Configure Runtime Arguments command?

I noticed this issue: flathub/com.google.Chrome#180 which mentioned this as a workaround.

@TylerLeonhardt TylerLeonhardt self-assigned this Aug 7, 2023
@TylerLeonhardt TylerLeonhardt added the info-needed Issue requires more information from poster label Aug 7, 2023
@irfanhakim-as
Copy link
Author

Adding that flag to the command, flatpak run com.visualstudio.code --verbose --vmodule="*/components/os_crypt/*=1" --password-store=gnome-libsecret actually does work even though I do not have gnome-keyring installed.

[23:0808/091316.597677:VERBOSE1:key_storage_linux.cc(122)] Selected backend for OSCrypt: GNOME_LIBSECRET
[23:0808/091316.606317:VERBOSE1:key_storage_linux.cc(174)] OSCrypt using Libsecret as backend.
[23:0808/091316.610903:VERBOSE1:key_storage_libsecret.cc(53)] Libsecret key created: 2023-08-08 01:12:30.000 UTC
[23:0808/091316.610913:VERBOSE1:key_storage_libsecret.cc(54)] Libsecret key last modified: 2023-08-08 01:12:30.000 UTC

I'm not entirely sure that it's using my kdewallet though. Prior to reporting this issue, I had deleted a folder that seems to belong to VS Code in my wallet, hoping that it'd create a new one to "fix" the issue. It didn't, and the behaviour before and after deleting the folder were the same. At the moment, I still do not see its folder being created again, and only see the following in the list:

  • Chromium Keys
  • GnuPG
  • Network Management
  • Secret Service
  • accounts

If this workaround indeed lets VS Code use kwallet5 properly again, could it be using Chromium Keys? Or is the workaround not using kwallet5 entirely?

@TylerLeonhardt
Copy link
Member

TylerLeonhardt commented Aug 8, 2023
edited
Loading

Yeah so gnome-libsecret is a bad name... it really should just be called libsecret. Libsecret is an abstraction layer over different desktop keyrings and thankfully kwallet5 and up implement the parts to make it play nice with libsecret.

Since KDE Frameworks 5.97.0 KDE Wallet supports org.freedesktop.secrets DBus API and can now be used by libsecret for storing and retrieving passwords and other secrets using the Secret Service API.

from https://wiki.archlinux.org/title/KDE_Wallet

Yeah it'll be under either Chromium Keys, Secret Service, or accounts.... not sure which, but the specific key we care about will end in Safe Storage so like Code Safe Storage or maybe Chromium Safe Storage.

@irfanhakim-as
Copy link
Author

Thank you so much for the clarification, that has made things much clearer!

May I know what perhaps would be the next step forward?

I'm assuming that the workaround of adding "password-store": "gnome-libsecret" to argv.json is temporary and a fix might come at some point that would no longer require having that in the runtime argument?

@TylerLeonhardt
Copy link
Member

Well... this is tough because we don't maintain the flatpak and to me, this seems like a bug there. We (well Electron via Chromium) detect that you have kwallet5 but for some reason the flatpak can't communicate with kwallet5 as expected, and this doesn't appear to be scoped to just VS Code's flatpak:
flathub/com.google.Chrome#180

So I think a fix really needs to be in the flatpak platform to get this communication to kwallet5 working... or in VS Code's flatpak to somehow hard code using gnome-libsecret.

I would recommend getting an issue going over in: https://github.com/flathub/com.visualstudio.code

@TylerLeonhardt
Copy link
Member

Oh looks like there already is an issue: flathub/com.visualstudio.code#415

Let's dupe this over to there since I think this is really scoped to the flatpak.

TylerLeonhardt added a commit to microsoft/vscode-docs that referenced this issue Aug 8, 2023
@TylerLeonhardt
Include another KDE workaround
d1d3930 
ref microsoft/vscode#189672
@TylerLeonhardt TylerLeonhardt mentioned this issue Aug 8, 2023
Merged
@TylerLeonhardt
Copy link
Member

I did add this workaround to our docs: microsoft/vscode-docs#6577

TylerLeonhardt added a commit to microsoft/vscode-docs that referenced this issue Aug 8, 2023
@TylerLeonhardt
Include another KDE workaround (#6577)
fb07c76 
ref microsoft/vscode#189672
@irfanhakim-as
Copy link
Author

I saw a similar Flatpak issue with a different application but didn't even realise that it was the cause, rather I thought that it's entirely got to do with the change I had read VS Code made related to reading/managing secrets.

I did add this workaround to our docs: microsoft/vscode-docs#6577

Adding this bit to the docs is really helpful. This has been very pleasant and educational, thank you so much @TylerLeonhardt!

@scopedog
Copy link

Same thing with FreeBSD 13.2R + Code - OSS. Specifying --password-store=gnome-libsecret just changes the warning message to "You're running in a GNOME environment..." Both kwalletd5 and gnome-keyring-daemon are running. I don't know how they work but does vscode communicate with those programs to save/retrieve passwords?

@TylerLeonhardt
Copy link
Member

@scopedog please follow the troubleshooting guide here:

https://code.visualstudio.com/docs/editor/settings-sync#_troubleshooting-keychain-issues

@github-actions github-actions bot locked and limited conversation to collaborators Sep 24, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@TylerLeonhardt TylerLeonhardt

Labels
info-needed Issue requires more information from poster
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@TylerLeonhardt @scopedog @irfanhakim-as @vscodenpa