github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/libkb/secret_store_linux.go (about) 1 // Copyright 2019 Keybase, Inc. All rights reserved. Use of 2 // this source code is governed by the included BSD license. 3 4 //go:build linux && !android 5 // +build linux,!android 6 7 package libkb 8 9 func NewSecretStoreAll(mctx MetaContext) SecretStoreAll { 10 g := mctx.G() 11 sfile := NewSecretStoreFile(g.Env.GetDataDir()) 12 sfile.notifyCreate = func(name NormalizedUsername) { notifySecretStoreCreate(mctx, name) } 13 ssecretservice := NewSecretStoreRevokableSecretService() 14 15 if mctx.G().Env.GetForceLinuxKeyring() { 16 return ssecretservice 17 } 18 19 if mctx.G().Env.ForceSecretStoreFile() || mctx.G().Env.RunningInCI() { 20 return sfile 21 } 22 23 shouldUpgradeOpportunistically := func() bool { 24 return false 25 } 26 shouldStoreInFallback := func(options *SecretStoreOptions) SecretStoreFallbackBehavior { 27 if options != nil && options.RandomPw { 28 // With RandomPW, always fallback to file based secret store (safer 29 // choice on Linux). 30 return SecretStoreFallbackBehaviorAlways 31 } 32 // Use system keychain but fall back to file store if not available. 33 return SecretStoreFallbackBehaviorOnError 34 } 35 return NewSecretStoreUpgradeable(ssecretservice, sfile, "system keyring", "file-based secret store (see https://keybase.io/docs/crypto/local-key-security)", shouldUpgradeOpportunistically, shouldStoreInFallback) 36 }