How to Disable Keyring Prompts of GNOME3 in Linux VDA Sessions

Citrix Citrix
Here are some Keyring prompts you might encounter in your RHEL 7.2 VDA or Ubuntu 16.04 VDA session:

User-added image
User-added image
User-added image

You might disable Keyring prompts based on user identity or globally:

  • An example of disabling Keyring prompts based on user identity:

$ cat ~/.config/goa-1.0/accounts.conf

[Account account_1453086621]

Provider=kerberos

Identity=user1@XD.LOCAL

PresentationIdentity=XD.LOCAL

Realm=XD.LOCAL

SessionId=6be198ae5c5f0d47b85a0b73569c579d

IsTemporary=false

TicketingEnabled=true

You might see a lot of accounts in the above .conf file. That’s the result of a Keyring bug. For more information, see https://access.redhat.com/solutions/1609773.

In this case, set the last account’s IsTemporary to false.

  • An example of disabling Keyring prompts globally:

According to the official documentation of GNOME, to disable Keyring prompts globally, you need tostop the GNOME Keyring daemon by setting the autostart desktop files and D-Bus services files:

# grep -r gnome-keyring-daemon /etc/xdg/autostart

/etc/xdg/autostart/gnome-keyring-ssh.desktop:Exec=/usr/bin/gnome-keyring-daemon –start –components=ssh

/etc/xdg/autostart/gnome-keyring-gpg.desktop:#Exec=/usr/bin/gnome-keyring-daemon –start –components=gpg

/etc/xdg/autostart/gnome-keyring-pkcs11.desktop:#Exec=/usr/bin/gnome-keyring-daemon –start –components=pkcs11

/etc/xdg/autostart/gnome-keyring-secrets.desktop:#Exec=/usr/bin/gnome-keyring-daemon –start –components=secrets

# grep -r gnome-keyring-daemon /usr/share/dbus-1/services/

/usr/share/dbus-1/services/org.freedesktop.secrets.service:#Exec=/usr/bin/gnome-keyring-daemon –start –foreground –components=secrets

/usr/share/dbus-1/services/org.gnome.keyring.service:#Exec=/usr/bin/gnome-keyring-daemon –start –foreground –components=secrets

# grep -r gnome-software /etc/xdg/autostart/

/etc/xdg/autostart/gnome-software-service.desktop:#Exec=/usr/bin/gnome-software –gapplication-service

# vi /etc/polkit-1/rules.d/02-allow-colord.rules

polkit.addRule(function(action, subject) {

if ((action.id == “org.freedesktop.color-manager.create-device” ||

action.id == “org.freedesktop.color-manager.create-profile” ||

action.id == “org.freedesktop.color-manager.delete-device” ||

action.id == “org.freedesktop.color-manager.delete-profile” ||

action.id == “org.freedesktop.color-manager.modify-device” ||

action.id == “org.freedesktop.color-manager.modify-profile”) &&

subject.isInGroup(“domain users”)) {

return polkit.Result.YES;

}

});

Set your files on the RHEL 7.2 VDA or Ubuntu 16.04 VDA according to the example above. Next time you log in to a Linux VDA session, there will be no GNOME Keyring prompt.

Related:

Leave a Reply