James Bond went on a new mission and this time as a Secret Service provider.

The repository consists of the following projects:

• cargo-credential: a cargo credential provider
• cli: a secret-tool replacement
• client: the client side library
• pam: PAM integration for the server implementation
• portal: org.freedesktop.impl.portal.Secret implementation
• server: org.freedesktop.secrets server implementation

The daemon can be testing by simply compiling and running the binary with

cargo run --bin oo7-daemon -- --verbose --replace --login

Note however that if gnome-keyring-daemon is running, it will need to be killed directly before running oo7-daemon, as it is not running as a systemd service.

The oo7-portal service can be tested using systemd-sysext. Directly running the binary is possible, but without a oo7-portal.portal file, xdg-desktop-portal will ignore it.

First build the services on its subdirectory:

cd oo7-portal
meson setup --prefix=/usr _build
meson compile -C _build
DESTDIR=oo7-extension meson install -C _build

This will create a oo7-extension directory under oo7-portal/_build, which can be moved to /run/extensions, afterwards extensions can be reloaded via

systemd-sysext refresh --force

The portal can be then started with:

/usr/libexec/oo7-portal --replace --verbose

In order for xdg-desktop-portal to use oo7-portal as a server for org.freedesktop.impl.portal.Secret it needs to be configured via a portals.conf file at /etc/xdg-desktop-portal/portals.conf, see the portals.conf(5) man page.

This can be achieved by creating a file at ~/.config/xdg-desktop-portal/gnome-portals.conf with contents:

[preferred]
default=gnome;gtk;
org.freedesktop.impl.portal.Secret=oo7-portal;gnome-keyring;

and then, restarting xdg-desktop-portal via

systemctl restart --user xdg-desktop-portal

If more output is required, the later can be replaced with:

/usr/libexec/xdg-desktop-portal --replace --verbose

The project is released under the MIT license.