I have a large set of scripts which interact with Active Directory in a corporate/enterprise environment. Rather than have to type in my AD password on each run, I built a gnomekeyring store and lookup into each script.
Now that I've upgraded to Ubuntu 18.04, all of these scripts are failing because it looks like python-gnomekeyring has been deprecated and deleted from the archives.
What replaced it? How do I securely store a password via a python script?
2 Answers
It has been replaced by module keyring (see ).
For Gnome Keyring, the backend of keyring can be either SecretService or Gnome.Keyring.
$ keyring --list
keyring.backends.kwallet.DBusKeyringKWallet4 (priority: 3.9)
keyring.backends.kwallet.DBusKeyring (priority: 4.9)
keyring.backends.chainer.ChainerBackend (priority: 10)
keyrings.alt.Gnome.Keyring (priority: 1)
keyring.backends.fail.Keyring (priority: 0)
keyring.backends.SecretService.Keyring (priority: 5)A default backend can be specified by creating $HOME/.config/python_keyring/keyringrc.cfg with
[backend]
default-keyring=keyring.backends.SecretService.KeyringIt appears that the answer is libsecret
However, it also appears that some functionality has been removed.
In libsecret you can unlock items directly, and the result is (with gnome-keyring daemon) that the enclosing collection will be unlocked.
It is no longer possible to pass a password to unlock keyrings. These are automatically prompted for.
