Profile decryption problem after last update
-
@Pathduck I'm hoping as long as I start VIvaldi in each distro with no encryption, there should be no problem.
Viv worked fine in all three distros before this recent change.
Of course, KDE Neon is my primary focus, so as long as I get Viv working there, I'm good.
I've now reviewed your links, and tho interesting, I did not see any possiblity of saving my current profile.
-
As I said before, "When I restored the original .desktop file used to start flatpak Viv, and re-enabled Kwallet, instead of working on KaOS as before, now I also get the "Who's using ...?" window."
This was perplexing, but now I have a clue. When Viv is sitting at the "Who's using ..." window, I run ps aux | grep -i vivaldi on the command line, which shows lots of Viv processes. Three are very interesting tho:
ps aux | grep -i vivaldi | grep password
george 2913 0.2 0.0 2540 1716 ? Ss 19:48 0:00 bwrap --args 40 -- vivaldi --password-store=basicgeorge 2925 0.2 0.0 2540 1440 ? S 19:48 0:00 bwrap --args 40 -- vivaldi --password-store=basic
george 2926 9.2 0.6 34233564 200824 ? Sl 19:48 0:00 /app/vivaldi/vivaldi --disable-features=WebAssemblyTrapHandler,DesktopPWAsRunOnOsLogin --password-store=basic --no-default-browser-check
The two "bwrap" are flatpak related. I don't know anything about the vivaldi one. But even tho I've removed the "--password-store=basic" flag from the command line, it's still being remembered somewhere!
Need more research ...
-
OK, copied the flatpak command from the .desktop file, and ran it on the command line, with only the addition of -vv, to get very verbose output to see if I could see where "--password-store-=basic" was coming from.
Surprisingly, VIv came right up, with NO "Who's using ..." window!
In ps aux, the bwraps were there, but they did NOT include password-store. Nor was the other occurrence present.
So I can now run Viv again in KaOS, as long as I use the command line.
-
Unfortunately, just using one distro did not stop my profile getting also locked. I'll keep an eye on this; when Vivaldi releases another update, I'll report here when things start breaking again.
-
OK, I got Viv working normally on KDE Neon again, withOUT needing to create a new profile.
I just copied the two files in ~/.local/share/kwalletd from the working-Viv KaOS install to the same directory in the Neon install, enabled kwallet in Neon, then logged out of Neon and back in.
In this case, I DID get tripped up on a two distro problem. To make a long story short, to share the Plasma desktop setup between KaOS and Neon, instead of using a forest of symlinks, I created a rsync shell script that used a list of folders to sync. Unfortunately, I failed to rsync the two at one point when I was messing with kwallet trying to get kmail to work, and so the wallets became desynchronized. (BTW, kmail wasn't worth the trouble ...)
Anyway, since Viv is now working in Neon again, so I'm good to go.
-
Going back now to the original issue of the surprise "Who's using ..." window, this certainly is not the way I would have setup the Vivaldi (or Chromium) change.
My first rule is always "don't break anything".
I agree the whole thing is complex, but I might have considered something like this as a STARTING point:
Instead of the "Who's using ..." window and the "data loss" window, go to another window saying as of such-and-such date, a new security check has been added. Your current situation is (whatever it is).
The user is given buttons for "Remind me later" (i.e. next time I start the browser), "Continue my current setup", and something about how to "fix" things.
I would never tell the user to "unlock or repair your key store" without some indication of how to do it.
If "Profile 1" or the like is mentioned, it should state whether that's what you've been using up to now or whether it's some default profile.
(I'm not sure why any data loss should even be needed, but that's a different issue.)
For knowledgeable people, it might be good to mention what secret service is being used.
Anyway, seems to be lots of room for improvement there.
Otherwise, Vivaldi is great!
-
One more thing on the way Vivaldi is handling this, that I forgot to mention above.
What if Viv is your only installed browser? Then when you see the "Who's using ..." and "data loss" windows and think, like me, oh gosh I need to research this --- you'll need to install another browser to do it.
-
@georgep
Hi, does other Chromium browser does the same?
I guess this message is not from Vivaldi.
Some time age I could not start KDE and had to use Xfce and got the same message.Cheers, mib
-
@mib2berlin I used my fully updated backup-browser Chrome since the Viv problem started, and it always worked normally.
-
I searched a bit harder for a reason, and found that, when I rebooted my laptop, my profiles got locked again, and also, I was logged out of Slack. I thought this was no coincidence, and I installed
seahorseto inspect my keyring. It was unlocked properly, but I noticed a lot of 'Chrome Safe Storage' entries. One was linked tochrome, so Vivaldi, but Slack also had one. I therefore think Chromium messed something up, or at least there is a bug in the interface between Gnome keyring and Chromium. Weirdly enough, Discord also is a Chrome Safe Storage item but I'm still logged in there. Maybe this requires filing a bug at the Chromium Project. -
To reiterate, other Chromium browsers and older versions of Vivaldi silently deleted saved passwords and cookies. The only thing that has changed from previous versions is that we warn you before that happens. (The profile switcher being shown at the same time as the warning is a bug.)
I’m working on better documentation for what to do when this dialog comes up. It can also appear on other platforms, e.g. when opening a Vivaldi profile created with one Windows user account using another account or computer.
-
Hey folks I read the thread but am totally lost. Even V team says its confusing??! What are exact steps to fix? Environment? What is that???! I am on OSX > chaged my osx user log in pass last night is only thing i did.
-
@bobmane Had you copied profile data between different Linux PC, Linux Desktop environments or Linux users?
Has you changed Linux password system (GNOME keyring, KDE Kwallet)? -
@DoctorG I have not manually done anything other than launch and run the browser in os x. And nothing in browser beyond configuring tabs while using. When you say Linux do you mean lower level code aspects of osx?
Are GNOME keyring, KDE Kwallet in osx or only Linux?
I did have a weird issue in os x with my user login password the day before this issue happened. Never in 20 years of osx had it happened. Out of nowhere, I noticed I was able to login via lockscreen without password (something I never allow). When I tried to change my pass it would not accept the old one. I had to boot into recovery > terminal > resetpassword to get new pass. now like expected and how it should be, i have to enter pass at login once again - but why it happened is unknown. I am still thinking about it but dont have conclusive answer yet. Either a. my teen son accessed my computer and messed with settings, b. i got hacked c. a glitch/bug in osx after recent update to Sonoma. d. senior moment i did something and forgot i had.
In any case, I have considered restoring from a time machine backup in case it was b or c - but the computer is working fine now (other than Vivaldi issue) so I am still looking at it. OSX has been introducing ever more "features" all centered around getting you to use iCloud / walled garden and since I avoid all that stuff when i am dragged into that it can be confusing. e.g. you have user login, apple.com login, app store, icloud etc...kind of a nightmare.
but yeah this issue happened after my password drama in osx. Now I am just stuck at that message and my response is I just quit V since i dont know what to do with the message or what action to take
-
@bobmane Ah, is not Linux?
Asking at https://forum.vivaldi.net/category/34/vivaldi-for-macos better way.Perhaps related to existing bug VB-104366
"[Secure Storage] Handle locked secure storage backends" - In Progress -
@DoctorG ok thanks, also hoping Danial or v team will reply since i just want a fix and he seemed to indicate it is a known bug
fwiw can not find
[Secure Storage] Handle locked secure storage backends -
@bobmane From your description I take it you force-reset the account password which also requires the User Keychain to be reset.
Now
Vivaldirefers to a non-existent entry without which it will not be able to decrypt its own secret storage.
It may be possible to restore from a backup and you will have to remember the old password (valid at the time of backup).The alternative is to allow
Vivaldito discard its current secret store and start afresh ("…continue, but lose data?"). -
@georgep depending on the platform, there are 3-5 ways to mess this up:
- sharing user folders
- resetting passwords
- copying profile folders between machines
- using different secret storage providers
The
Vivaldiapproach is (as @daniel wrote) already a step up from upstreamChromiumbehavior.The general recovery is
- you need to know what you changed
- revert that
- export the passwords
- switch back to the new state
- import the passwords
With most people denying they did anything at all, chances of finding a way to describe any recovery process may be considered slim.
Using
--password-store=basicis the only portable (but most insecure) secret storage setup.
It must be then used by all instances using that profile.
And of course, there should be no prior state with a different secret store already configured in that profile. -
I managed to solve this issue by updating Vivaldi to the latest version (6.8.3381.46-1). I guess some kind of weird bug in Chromium had been fixed.
-
@NiRo1205 said in Profile decryption problem after last update:
updating Vivaldi to the latest version
i updated Vivaldi to the latest version same bug, got impatitnt and blew out all passwords...lesson learned on osx keychain with v
seem to have just blown out cookies and passwords. all history and tabs still there which helps
