xrdp version

0.9.17

Detailed xrdp version, build options

xrdp 0.9.17
  A Remote Desktop Protocol Server.
  Copyright (C) 2004-2020 Jay Sorg, Neutrino Labs, and all contributors.
  See https://github.com/neutrinolabs/xrdp for more information.

  Configure options:
      --enable-ipv6
      --enable-jpeg
      --enable-fuse
      --enable-rfxcodec
      --enable-opus
      --enable-painter
      --enable-vsock
      --build=x86_64-linux-gnu
      --prefix=/usr
      --includedir=${prefix}/include
      --mandir=${prefix}/share/man
      --infodir=${prefix}/share/info
      --sysconfdir=/etc
      --localstatedir=/var
      --disable-silent-rules
      --libdir=${prefix}/lib/x86_64-linux-gnu
      --libexecdir=${prefix}/lib/x86_64-linux-gnu
      --disable-maintainer-mode
      --disable-dependency-tracking
      --with-socketdir=/run/xrdp/sockdir
      build_alias=x86_64-linux-gnu
      CFLAGS=-g -O2 -ffile-prefix-map=/build/xrdp-asBei3/xrdp-0.9.17=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security 
      LDFLAGS=-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -Wl,-z,now -Wl,--as-needed
      CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2 -Wno-error=deprecated-declarations
      PKG_CONFIG_PATH=/build/xrdp-asBei3/xrdp-0.9.17/pkgconfig

  Compiled with OpenSSL 3.0.2 15 Mar 2022

Operating system & version

Ubuntu 22.04

Installation method

dnf / apt / zypper / pkg / etc

Which backend do you use?

xorgxrdp

What desktop environment do you use?

GNOME

Environment xrdp running on

Physical: 00:02.0 VGA compatible controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated Graphics Controller (rev 21)

What's your client?

Windows 11 RemoteDesktop

Area(s) with issue?

Session manager (sesman)

Steps to reproduce

Start up RDP session

Launch VS code (no extensions)

Observe popups for "gnome-keyring was not unlocked" with prompts to enter password

✔️ Expected Behavior

Gnome keyring should be unlocked when logging in remotely.

❌ Actual Behavior

Gnome keyring was not unlocked

Anything else?

There's quite a lot of rabbit holes on this, but I found the following information that zero'd in on the problem:

• Christian Pernegger reported this issue to the Debian maintainers in 2016: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818936
• This references a lightdm PAM configuration file at https://github.com/davvid/lightdm/blob/master/debian/lightdm.pam

My out-of-the-box /etc/pam.d/xrdp-sesman looks like this:

#%PAM-1.0
auth required pam_env.so readenv=1
auth required pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
@include common-account
@include common-session
@include common-password

To fix the issue, I added these lines:

• In common-auth: auth optional pam_gnome_keyring.so
• In common-session: session optional pam_gnome_keyring.so auto_start

VS Code simply exposes the issue, because it uses evolution under the hood, which is why it's not related to any specific VS code extension. It seems the issue is related to how XRDP isn't enabling the necessary libraries. Obviously there's a lot of other stuff that could be added in here, like libkwallet, etc...

Is there an easier way to add these things to the template config file installed with xrdp? Check for dependencies at install and then add them? Most users are going to follow all the terrible advice on the internet and do things like change it to an empty password, launch apps with an option to force plaintext password stores, etc...