I don't use gnome-keyring but based on my understanding of Slackware PAM configuration files and this Gnome Keyring documentation, you get the following process out of the box.

Slackware PAM configuration file will automatically launch gnome-keyring when you log in using either the console, xdm or kdm.
It will open your 'login' keyring using your user password.

Prerequisite: you must use the 'login" keyring and make its password the same as your user password.

If you are using a display manager not provided by Slackware (ex: gdm, lxml), you should make sure it is compiled with PAM support (if it's possible at all). The PAM-enabled display manager should have its own configuration file in /etc/pam.d that will most probably need to be tweaked.

1 members found this post helpful.

Hi.

What's the point in the following lines in /etc/pam.d/system-auth:

The pam_gnome_keyring.so never gets executed with successful login because of the sufficient in pam_unix.so.

EDIT: Apparently this was already brought up by Gazl in this comment.

1 members found this post helpful.

This has now been corrected in current.

Other comments posted by GazL are also being considered.

1 members found this post helpful.

This documentation of gnome keyring states that the login keyring is created automatically. In my case the "login" keyring was not auto-magically created, leading to google-chrome creating its own keyring as the default. I used sbopkg to install seahorse and seahorse-plugins, which is called "Passwords and Keys" in the XFCE | system menu, and then added the login key with my login password. Whether this accomplished anything is at present unknown, but I have no trouble logging in or using XFCE. I was using Fluxbox and then switched to XFCE for my window manager and have tried to use non-kde applications with XFCE. Most Slackware users would probably have similar issues with the kde kwallet application.

For me, the concern is not the technical details of how Slackware implements pam, but the information describing the basics for the user. After spending a couple of hours reading about pam and gnome keyring, my conclusion is that security through obscurity is alive and well. One must realize that combinations of arrangements quickly become quite complicated. I think gnome-keyring is an encrypted data file similar to keepassx (which I have used for years), but it is tied into the background process, so if it fails there is no obvious context or explanation for the user. IMHO, a mysterious password security system is not really very helpful, so the main point is to prevent it from being a frustrating problem for users.

THAT has been the secret to my happy life.

Another question... What is the purpose of this pam_succeed_if line in system-auth:

It's completely redundant, as the next line will also grant access. Also I'm interested what should be special about UID < 100 and what has been the intent here.

I noticed that /etc/pam.d/sudo is missing from the sudo package. This means that when using sudo it will use /etc/pam.d/other, which is not good IMO. I have populated my /etc/pam.d/other with pam_deny.so so that unidentified programs don't get to authenticate with PAM (or in other words the default policy is to deny).

Edit: /etc/pam.d/sshd has "auth include postlogin" which does not make sense. Postlogin refers to stuff happening after authentication and the file itself contains only session lines.