From 8eae407407d7d0bdc263680b7c9e8c38b773bb83 Mon Sep 17 00:00:00 2001 From: fuleyi Date: Thu, 12 Mar 2026 17:39:24 +0800 Subject: [PATCH] fix: prevent whitebox keyring from blocking xrdp remote login MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The original script directly started both gnome-keyring-daemon and deepin-keyring-whitebox during X session initialization, which caused issues with xrdp remote login sessions. The deepin-keyring-whitebox service was blocking xrdp connections. This change replaces the direct script execution with a systemd user service (dde-keyring.service) that includes conditional logic to skip deepin-keyring-whitebox startup when XRDP_SESSION environment variable is detected. The service properly handles both keyring components with appropriate dependencies and timeouts. Key changes: 1. Removed direct keyring startup from Xsession script 2. Added new systemd user service for keyring management 3. Added XRDP_SESSION environment check to skip whitebox in remote sessions 4. Maintained gnome-keyring functionality for all session types 5. Set proper service dependencies and timeout handling Log: Fixed xrdp remote login issue caused by deepin-keyring-whitebox service Influence: 1. Test local desktop login to ensure keyring services start normally 2. Test xrdp remote login to verify whitebox service is properly skipped 3. Verify gnome-keyring-daemon starts in both local and remote sessions 4. Check that password management and SSH key functionality work correctly 5. Test session startup time and service dependencies fix: 解决白盒密钥服务阻塞xrdp远程登录的问题 原脚本在X会话初始化时直接启动gnome-keyring-daemon和deepin-keyring- whitebox,这导致xrdp远程登录会话出现问题。deepin-keyring-whitebox服务会 阻塞xrdp连接。 此次更改将直接脚本执行替换为systemd用户服务(dde-keyring.service),该服务 包含条件逻辑,在检测到XRDP_SESSION环境变量时跳过deepin-keyring-whitebox 启动。该服务通过适当的依赖关系和超时设置来正确处理两个密钥环组件。 PMS: BUG-320847 主要变更: 1. 从Xsession脚本中移除直接启动密钥环的代码 2. 新增systemd用户服务用于密钥环管理 3. 添加XRDP_SESSION环境检查以在远程会话中跳过白盒服务 4. 为所有会话类型保持gnome-keyring功能正常 5. 设置正确的服务依赖关系和超时处理 Log: 修复deepin-keyring-whitebox服务导致的xrdp远程登录问题 Influence: 1. 测试本地桌面登录,确保密钥环服务正常启动 2. 测试xrdp远程登录,验证白盒服务被正确跳过 3. 验证gnome-keyring-daemon在本地和远程会话中都能启动 4. 检查密码管理和SSH密钥功能正常工作 5. 测试会话启动时间和服务依赖关系 --- misc/Xsession.d/97deepin-keyring-wb | 14 +++++--------- systemd/CMakeLists.txt | 7 +++++++ systemd/dde-keyring.service.in | 21 +++++++++++++++++++++ 3 files changed, 33 insertions(+), 9 deletions(-) create mode 100644 systemd/dde-keyring.service.in diff --git a/misc/Xsession.d/97deepin-keyring-wb b/misc/Xsession.d/97deepin-keyring-wb index 1ac4324..fbcb75c 100644 --- a/misc/Xsession.d/97deepin-keyring-wb +++ b/misc/Xsession.d/97deepin-keyring-wb @@ -1,11 +1,7 @@ #!/bin/sh -# Start deepin-keyring-whitebox and gnome-keyring-daemon for DDE session -if [ -x /usr/bin/gnome-keyring-daemon ]; then - echo "start gnome-keyring-daemon with components secrets,pkcs11,ssh" - /usr/bin/gnome-keyring-daemon --start --components=secrets,pkcs11,ssh || true -fi +# Trigger dde-keyring.service via systemd user instance. +# This service handles gnome-keyring-daemon and deepin-keyring-whitebox. -if [ -x /usr/bin/deepin-keyring-whitebox ]; then - echo "start deepin-keyring-whitebox client" - /usr/bin/deepin-keyring-whitebox --opt-client=waitfifonotify || true -fi \ No newline at end of file +if [ -f /usr/lib/systemd/user/dde-keyring.service ]; then + systemctl --user start dde-keyring.service +fi diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt index b60dd91..f92e2e3 100644 --- a/systemd/CMakeLists.txt +++ b/systemd/CMakeLists.txt @@ -7,6 +7,10 @@ configure_file(dde-session-exit-task.service.in configure_file(dde-session-shutdown.service.in dde-session-shutdown.service @ONLY) +configure_file(dde-keyring.service.in + dde-keyring.service + @ONLY) + set(SERVICES dde-session-initialized.target @@ -15,6 +19,7 @@ set(SERVICES dde-session-core.target ${CMAKE_CURRENT_BINARY_DIR}/dde-session-exit-task.service ${CMAKE_CURRENT_BINARY_DIR}/dde-session-shutdown.service + ${CMAKE_CURRENT_BINARY_DIR}/dde-keyring.service dde-session-shutdown.target dde-session.target ) @@ -26,6 +31,8 @@ set(DDE_SESSION_PRE_WANTS dde-session-pre.target.wants/dde-quick-login@x11.service ) + + # dde-session-core.target.wants - core desktop components install(DIRECTORY DESTINATION lib/systemd/user/dde-session-core.target.wants/) set(DDE_SESSION_CORE_WANTS diff --git a/systemd/dde-keyring.service.in b/systemd/dde-keyring.service.in new file mode 100644 index 0000000..0ba9ce9 --- /dev/null +++ b/systemd/dde-keyring.service.in @@ -0,0 +1,21 @@ +[Unit] +Description=Deepin Keyring Service (GNOME Keyring + Whitebox Client) +Documentation=man:gnome-keyring-daemon(1) +# Start after D-Bus session socket is available (set up by pam_systemd.so) +After=dbus.socket +PartOf=graphical-session.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/sh -c '\ + if [ -x /usr/bin/gnome-keyring-daemon ]; then \ + echo "start gnome-keyring-daemon with components secrets,pkcs11,ssh"; \ + /usr/bin/gnome-keyring-daemon --start --components=secrets,pkcs11,ssh; \ + fi; \ + if [ -x /usr/bin/deepin-keyring-whitebox ] && [ -z "$XRDP_SESSION" ]; then \ + echo "start deepin-keyring-whitebox client"; \ + /usr/bin/deepin-keyring-whitebox --opt-client=waitfifonotify & \ + fi' +Restart=no +TimeoutStartSec=180 \ No newline at end of file