Since the upgrade to Leap 16.0 I’ve experienced the issue where KWallet always asks for a password on login. Followed every manual, changed settings, user and wallet password are the same, the usual steps. Won’t budge.
In frustration I decided it was best to simply remove anything related with the wallet, reboot, re-install the whole thing and start over. So two hours later I managed to get my system back under control. Sigh, still relatively new to Linux, still learning.
But now I’m confronted with new behavior. Immediately after login the system wants me to create a new wallet ‘kdewallet’. Awesome, let’s go! Immediately after it wants to create wallet ‘kdewallet__0’. Ehmm ok? If I do, it then wants ‘kdewallet__0___0’ and so on, about four times.
And on top of that, it still wants a password every time I log on. I’m worse off than when I started.
It seems like the wallet service itself is not running, which could be a leftover from my overzealous ‘remove it all’ mode. As far as I can see the packages are all back. What would be a logical course of action to analyze the issue?
Thanks in advance for the help, hopefully we can get things going again. Otherwise I’m back to square one and might re-install the entire system just to get things in order again. Not looking forward to that, feels like giving up, but daily frustration can’t be right either.
egbert@kaas:~> zypper search wallet
Loading repository data...
Reading installed packages...
S | Name | Summary | Type
---+-------------------------------+-----------------------------------------------------+-----------
i+ | kf6-kwallet | Safe desktop-wide storage for passwords | package
| kf6-kwallet-devel | Safe desktop-wide storage for passwords | package
| kf6-kwallet-tools | Safe desktop-wide storage for passwords | package
| kf6-kwallet-tools-lang | Translations for package kf6-kwallet-tools | package
| kwallet-devel | Safe desktop-wide storage for passwords | package
| kwallet-pam | KWallet PAM Integration | srcpackage
i+ | kwallet-tools | Safe desktop-wide storage for passwords | package
i+ | kwallet-tools-lang | Safe desktop-wide storage for passwords | package
| kwalletd5 | Safe desktop-wide storage for passwords | package
| kwalletd5-lang | Translations for package kwalletd5 | package
i+ | kwalletd6 | Safe desktop-wide storage for passwords | package
| kwalletd6-lang | Translations for package kwalletd6 | package
i+ | kwalletmanager | Wallet Management Tool | package
| kwalletmanager-lang | Translations for package kwalletmanager | package
i | libKF5Wallet5 | Safe desktop-wide storage for passwords | package
i+ | libKF6Wallet6 | Safe desktop-wide storage for passwords | package
i | libKF6WalletBackend6 | Safe desktop-wide storage for passwords | package
i | libkwalletbackend5-5 | Safe desktop-wide storage for passwords | package
| liblxqt-wallet6_0_0 | Library for lxqt-wallet | package
i | libsvn_auth_kwallet-1-0 | KWallet support for Subversion | package
| lxqt-wallet | Secure storage of information for LXQt | package
| lxqt-wallet-devel | Development files for lxqt-wallet | package
| lxqt-wallet-lang | Translations for package lxqt-wallet | package
| pam_kwallet | KWallet5 PAM Integration | package
i+ | pam_kwallet6 | A PAM Module for KWallet signing | package
i+ | pam_kwallet6-common | Support files for the KWallet PAM module | package
| perl-Passwd-Keyring-KDEWallet | Password storage implementation based on KDE Wallet | package
| perl-Passwd-Keyring-KDEWallet | Password storage implementation based on KDE Wallet | srcpackage
| remmina-plugin-kwallet | Remmina plugin to support the KDE Wallet | package
i+ | signon-kwallet-extension | KWallet integration for signon framework | package
Note: For an extended search including not yet activated remote resources please use 'zypper
search-packages'.
egbert@kaas:~>
Shouldn’t this one be inststalled? And configured? I’m currently using kwallet with an empty password ( which I shouldn’t, but machine never leaves the house and I’m the only person in it. )
Yup, but at the moment the PAM integration isn’t even the issue… why does the system want me to create four wallets, only to ignore them on the next login and start over?
The ~/.local/share/kwalletd folder and contents all have the correct owner (me) and permissions. So it should just be one wallet ‘kdewallet’ with the same password as my user and work… which obviously it does not.
By being fed up with the wallet system not working properly and going for the nuclear option… which backfired, of course.
Just tried your suggestion. No change unfortunately, still popups to create several wallets. It does not matter whether I select Classic (which I should for PAM) or leave it at GPG.
That did not happen here. I was using GPG encryption before I upgraded to Leap 16.0, and I was prompted for kwallet password at every boot. So I did what I suggested you try. After that, no more prompts.
Given that there are plenty of users that don’t experience any issues, it must usually work. Just my luck, it must be my somewhat clunky install. Haven’t re-installed Linux that often yet, so will try on a VM first. Let’s see whether we can get that done as quickly as we once could Windows.
Thanks for the quick replies, will report back when done.
What sticks out from your package list is that you still have kwallet-tools installed. Install the new package kf6-kwallet-tools. See if this makes a difference. Also try again, the removal of the config files as shown by nrickert, after you have installed the new package.
I would also suggest creating a new user, and seeing what happens there. That’s usually a pretty reasonable troubleshooting step, just to see if this is a problem with your user accounts configuration, or a bug in kwallet itself.
I’m currently using a Blowfish “kdewallet” Wallet with an empty password, for the KDE application credentials (KMail and Dolphin and Chromium Browser) and, a GnuPG Wallet for the Passwords I need to have a note of …
I’ve been running around the SELinux security contexts issue for more days as I care to count and have settled on this solution for the moment.
> ls -ldZ ~/.local
drwx------. 5 xxx xxx unconfined_u:object_r:gconf_home_t:s0 43 3. Nov 10:02 /home/Users/xxx/.local
>
> ls -ldZ ~/.local/*
drwx------. 2 xxx xxx unconfined_u:object_r:home_bin_t:s0 6 3. Nov 10:02 /home/Users/xxx/.local/bin
drwx------. 82 xxx xxx unconfined_u:object_r:data_home_t:s0 4096 6. Jan 18:34 /home/Users/xxx/.local/share
drwx------. 4 xxx xxx unconfined_u:object_r:gconf_home_t:s0 4096 6. Jan 19:29 /home/Users/xxx/.local/state
>
> ls -ldZ ~/.local/share
drwx------. 82 xxx xxx unconfined_u:object_r:data_home_t:s0 4096 6. Jan 18:34 /home/Users/xxx/.local/share
>
> ls -ldZ ~/.local/share/kwalletd
drwx-----T. 2 xxx xxx unconfined_u:object_r:data_home_t:s0 155 6. Jan 18:04 /home/Users/xxx/.local/share/kwalletd
>
> ls -lZ ~/.local/share/kwalletd
insgesamt 48
-rw-------. 1 xxx xxx unconfined_u:object_r:data_home_t:s0 19706 4. Jan 17:27 Benutzer_attributes.json
-rw-------. 1 xxx xxx unconfined_u:object_r:data_home_t:s0 8092 6. Jan 18:04 Benutzer.kwl
-rw-------. 1 xxx xxx unconfined_u:object_r:data_home_t:s0 56 3. Jan 14:15 Benutzer.salt
-rw-------. 1 xxx xxx unconfined_u:object_r:data_home_t:s0 7091 3. Jan 14:11 kdewallet_attributes.json
-rw-------. 1 xxx xxx unconfined_u:object_r:data_home_t:s0 2484 6. Jan 17:52 kdewallet.kwl
-rw-------. 1 xxx xxx unconfined_u:object_r:data_home_t:s0 56 3. Jan 14:07 kdewallet.salt
>
In another post I’ve raised the issue of the current KDE Plasma 6 version shipping with Leap 16.0 – I’ll come back here to report if, the issues around PAM and KWallet resolve themselves by moving to the Open Build Service openSUSE KDE Project version of KDE Plasma 6.
BTW, I’m currently not experiencing any SELinux access warnings → “restorecon -F -R” was needed on my Home directory to make that issue disappear …
Installed that as well, removed the config… no change.
Good suggestion, to make sure it’s not just user account related. It’s not… new user, some issue.
I’m not alone, hooray!
In a VM, new Leap 16.0 install, no issue whatsoever. Default wallet ‘kdewallet’, with the same password as my user account. No additional steps required.
So it seems I’ve borked my installation. And it can no doubt be fixed… by someone who properly knows what they’re doing. Although I’m getting the hang of fixing things myself, this is a bit too far out of my comfort zone. Especially since there’s no guarantee of success or even improvement.
For now it is what it is. Save everything I need and onward to a fresh install. Thanks for the quick support!
If I set the kdewallet (Blowfish) password to my user’s login password, KWallet prompts for a password at login.
Jan 08 09:21:16 sddm-helper[3863]: [PAM] Starting...
Jan 08 09:21:16 sddm-helper[3863]: [PAM] Authenticating...
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:auth): pam_kwallet5: pam_sm_authenticate
Jan 08 09:21:16 sddm-helper[3863]: [PAM] Preparing to converse...
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:auth): pam_kwallet5: Couldn't get password (it is empty)
Jan 08 09:21:16 sddm-helper[3863]: [PAM] Conversation with 1 messages
Jan 08 09:21:16 sddm-helper[3863]: [PAM] returning.
Jan 08 09:21:16 sddm[1734]: Authentication for user "xxx" successful
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:setcred): pam_kwallet5: pam_sm_setcred
Jan 08 09:21:16 sddm-greeter-qt6[3767]: Message received from daemon: LoginSucceeded
Jan 08 09:21:16 systemd-logind[1217]: New session 7 of user xxx.
Jan 08 09:21:16 systemd[1]: Started Session 7 of User xxx.
Jan 08 09:21:16 sddm-helper[3863]: pam_unix(sddm:session): session opened for user xxx(uid=1001) by xxx(uid=0)
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:session): pam_kwallet5: pam_sm_open_session
Jan 08 09:21:16 sddm-helper[3866]: pam_kwallet5: Couldn't create directory: /home/Users/xxx because: 13-Keine Berechtigung
Jan 08 09:21:16 sddm-helper[3866]: pam_kwallet5: Couldn't open file: /home/Users/xxx/.local/share/kwalletd/kdewallet.salt because: 13-Keine Berechtigung
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:session): pam_kwallet5: Couldn't create salt file
Jan 08 09:21:16 sddm-helper[3867]: pam_kwallet5: Failed to ensure /home/Users/xxx/.local/share/kwalletd/kdewallet.salt looks like a salt file
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:session): pam_kwallet5: Couldn't read salt file
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5-kwalletd: Couldn't create or read the salt file
Jan 08 09:21:16 sddm-helper[3863]: pam_kwallet5(sddm:session): pam_kwallet5: Fail into creating the hash
Jan 08 09:21:17 sddm-helper[3863]: Starting Wayland user session: "/usr/share/sddm/scripts/wayland-session" "/usr/libexec/plasma-dbus-run-session-if-needed /usr/bin/startplasma-wayland"
Jan 08 09:21:17 sddm-helper[3868]: Jumping to VT 3
Jan 08 09:21:17 sddm-helper[3868]: VT mode didn't need to be fixed
Jan 08 09:21:17 sddm-helper-start-wayland[3762]: "kwin_wayland_drm: atomic commit failed: Keine Berechtigung\n"
Jan 08 09:21:17 sddm[1734]: Session started true
Jan 08 09:21:17 sddm-helper[3863]: Failed to write utmpx: Datei oder Verzeichnis nicht gefunden
Jan 08 09:21:17 sddm-helper-start-wayland[3762]: wayland greeter finished 0 QProcess::NormalExit
Jan 08 09:21:17 sddm-helper-start-wayland[3762]: quitting helper-start-wayland
Jan 08 09:21:17 sddm-helper-start-wayland[3762]: Stopping... "kwin_wayland"
Jan 08 09:21:17 sddm-helper-start-wayland[3762]: wayland compositor finished 15 QProcess::NormalExit
Jan 08 09:21:17 sddm-helper[3748]: [PAM] Closing session
Regardless of whether there’s a Password set for the “kdewallet” Wallet or not, “pam_kwallet5” complains that the password is empty –
