After updating from 20250602 to 20250604 I no longer could open kwallet. When I try to open default kdewallet in KWalletManager it would fail with following error:
"Error when attempting to decrypt the wallet kdewallet using GPG. If you’re using a SmartCard, please ensure it’s inserted then try again.
GPG error was Invalid data"
I don’t know what exactly went wrong but rolling back dirmngr gpg2 gpg2-lang packets from version 2.5.7-1.1 to 2.5.6-2.1 fixed my issue. I used following commands to rollback:
sudo zypper ar -p 110 https://download.opensuse.org/history/20250602/tumbleweed/repo/oss/ 20250602-repo-oss
sudo zypper in --oldpackage dirmngr-2.5.6-2.1 gpg2-2.5.6-2.1 gpg2-lang-2.5.6-2.1
I don’t see anything in journalctl other than “kwalletd6[1846]: kf.wallet.kwalletd: “Unable to unlock collectionName kdewallet””
Any suggestions on where do I look for logs that might contain useful information to report this issue?
Yes, the repair patch may well address the issue you’re experiencing but, until that patch hits the streets you could try one thing:
With a fresh, clean, new, user added to your system, try creating a new instance of the KDE Wallet using GPG and the EdDSA signature scheme Ed25519 – related to Curve25519.
Also, for both users, please check the validity of your GPG signature with Kleopatra.
Please be aware that, encrypted data has to be decrypted if it’s to be usable – both encryption and decryption rely on mathematical algorithms – in particular decryption, assumes that, there wasn’t a bit error during the read data function – encryption usually checks the consistency of the data written to the encrypted wallet/key-ring file.
Bottom line, due to the possibility of “bit dust” and the small chance that, any file may well suffer a bit failure, it is advisable to backup any encrypted wallet/key-ring.
Personally, I export my KWallet content as an XML file – not encrypted – and then move that exported wallet content to a removable drive which is then placed, physically, in a safe place.
If the encrypted wallet/key-ring suffers a catastrophic failure, I simply delete it and then create a new fresh wallet/key-ring and then import the backed-up contents …
Both GPG database and kwallet content are intact. GPG on its own seems to be working as expected. I can encrypt and decrypt files without issues and signature verification succeeds. KDE Wallet on the other hand is freaking out. It can’t decrypt existing wallet. I can make and open a new wallet through KDE Wallet Manager but I can’t write or read anything to it using both Wallet Manager and kwallet-query. I rolled back GPG packages to previous version and kwallet works. Probably I’ll hold back GPG packages for time being until fix is out.
I tried using the KDE wallet in the past before, it simply just ends up having these issues unfortunately, so I end up just disabling it for every KDE install. Since I just use a laptop, I simply just encrypt the whole linux drive anyways.
It was working fine for me until that particular update. A lot of apps use it to securely store bits of info. Some apps even become unusable without it. So I need it working.
I had it randomly break, dunno why, but I understand some apps look for a keyring system (eg: chromium), so I force them to use gnome keyring which seems to satisfy the app.
Leap is moving way too slowly to my taste. Close to release of the next leap version software might be outdated by almost whole year and some software is available only on tumbleweed. Also my system is fairly modern so in a way I have to use tumbleweed. Drivers that I need for my system to function got merged in 6.12 kernel. Yeah there’s a way to compile them for older kernel from source and use dkms but I’d rather use tumbleweed by that point. And out of rolling release distros I’d say tumbleweed is the best in terms of stability and ease of rolling back in the event something goes wrong. Out of all the distros I tried only OpenSUSE and NixOS have out of the box way to rollback from bad updates. So bad updates on tumbleweed are not that bad of a thing. I’m having to rollback only like 3 times a year due bad updates. Other times everything works just as well as it does on leap.
I appreciate the info on which packages needed to be rolled back.