(Created page with "{{admon/important | Comments and Explanations | The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To re...") |
mNo edit summary |
||
Line 54: | Line 54: | ||
While GNOME Keyring was originally aiming to be the central cryptographic service on desktop, its scope has been gradually reduced over years. Notable examples are [https://bugzilla.gnome.org/show_bug.cgi?id=750514 gpg-agent removal] in 2015, [https://bugzilla.gnome.org/show_bug.cgi?id=791401 PKCS #11 module deprecation] in 2018, and [https://bugzilla.gnome.org/show_bug.cgi?id=775981 ssh-agent rewrite to defer the operations to the OpenSSH ssh-agent] in 2018. | While GNOME Keyring was originally aiming to be the central cryptographic service on desktop, its scope has been gradually reduced over years. Notable examples are [https://bugzilla.gnome.org/show_bug.cgi?id=750514 gpg-agent removal] in 2015, [https://bugzilla.gnome.org/show_bug.cgi?id=791401 PKCS #11 module deprecation] in 2018, and [https://bugzilla.gnome.org/show_bug.cgi?id=775981 ssh-agent rewrite to defer the operations to the OpenSSH ssh-agent] in 2018. | ||
Those services were exposed as part of the single daemon program called gnome-keyring-daemon, launched by the gnome-session or PAM depending on desktop environments. Now that only the essential service remaining in gnome-keyring-daemon is the D-Bus secret-service, it would be worth considering the split of the daemon into small sub-services, | Those services were exposed as part of the single daemon program called gnome-keyring-daemon, launched by the gnome-session or PAM depending on desktop environments. Now that only the essential service remaining in gnome-keyring-daemon is the D-Bus secret-service, it would be worth considering the split of the daemon into small sub-services, which can be activated by systemd. | ||
<!-- Expand on the summary, if appropriate. A couple sentences suffices to explain the goal, but the more details you can provide the better. --> | <!-- Expand on the summary, if appropriate. A couple sentences suffices to explain the goal, but the more details you can provide the better. --> |
Revision as of 18:19, 25 October 2020
🔗 Modular GNOME Keyring
🔗 Summary
The monolithic gnome-keyring-daemon will be split into dedicated sub-daemons, so that they can be consistently managed by systemd.
🔗 Owner
- Name: Daiki Ueno, Benjamin Berg
- Email: dueno@redhat.com, bberg@redhat.com
- Product: Workstation
- Responsible WG: Workstation
🔗 Current status
- Targeted release: Fedora 34
- Last updated: 2020-10-25
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
🔗 Detailed Description
While GNOME Keyring was originally aiming to be the central cryptographic service on desktop, its scope has been gradually reduced over years. Notable examples are gpg-agent removal in 2015, PKCS #11 module deprecation in 2018, and ssh-agent rewrite to defer the operations to the OpenSSH ssh-agent in 2018.
Those services were exposed as part of the single daemon program called gnome-keyring-daemon, launched by the gnome-session or PAM depending on desktop environments. Now that only the essential service remaining in gnome-keyring-daemon is the D-Bus secret-service, it would be worth considering the split of the daemon into small sub-services, which can be activated by systemd.
🔗 Feedback
🔗 Benefit to Fedora
Consistent experience of managing the services due to fine grained service units. This would simplify the desktop secret management and allow further extension of it towards modern security mechanisms e.g., hardware-based security.
🔗 Scope
- Proposal owners:
- Move the ssh-agent code from the gnome-keyring package to gcr, making it socket activatable
- The remaining secret-service is made to be D-Bus activatable
- Install systemd unit files for those sub services, replacing the monolithic gnome-keyring-daemon service
- Other developers: N/A (not a System Wide Change)
- Release engineering: #Releng issue number (a check of an impact with Release Engineering is needed)
- Policies and guidelines: N/A (not a System Wide Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with Objectives:
🔗 Upgrade/compatibility impact
N/A (not a System Wide Change)
🔗 How To Test
Check if the sub-services are managed by systemd, using systemctl status.
N/A (not a System Wide Change)
🔗 User Experience
No visible change should be observed by normal users.
🔗 Dependencies
N/A (not a System Wide Change)
🔗 Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
- Blocks product? product
🔗 Documentation
N/A (not a System Wide Change)