How do you actually use secret-tool?

I’m working on a project that I think secret-tool would help a lot. The problem is that I have yet to figure out how to get it to return any of the test data I’ve added to my keyring.

My goal is to add a secret via seahorse (so it becomes available when I log in), and then use that secret in any scripts I write that need it.

If I use Seahorse and add a “password” with a description of “cake” to the Login keyring, then search for it, I can’t find it. (Oddly it gets added as a “stored note”, if that is relevant.)

$ secret-tool search --all --unlock Description cake
$ secret-tool search --all --unlock description cake
$ secret-tool search --all --unlock label cake   
$ secret-tool search --all --unlock Label cake
$ secret-tool lookup Description cake               
$ secret-tool lookup description cake
$ secret-tool search --all Description cake
$ secret-tool search --all description cake
$ secret-tool search --all label cake      
$ secret-tool search --all Label cake
$ secret-tool search --all Login cake
$ secret-tool search Login cake 
$ secret-tool search description cake
$ secret-tool search Description cake

To complicate matters I have not found any information on what in Seahorse actually maps to an “attribute” in secret-tool. I even tried reading the secret-tool source code (C isn’t my forte, but I at least have written a hello world in it) in Gitlab, as well as looking at the bash test scripts that were in the same directory.

Are my search skills just failing me and there’s an obvious guide out there I missed?

Or maybe someone could explain it here?

Thanks in advance!

You need to store the secret with a specific attribute in order to manage it by that attribute:

# Store secret
SECRET="12345678"
echo -n "${SECRET}" \
| secret-tool store --label="Secret for example.org" domain example.org

# Lookup secret
SECRET="$(secret-tool lookup domain example.org)"
echo "${SECRET}"

Seahorse and secret-tool store secrets using different default schema:

secret-tool search --all xdg:schema org.gnome.keyring.Note
secret-tool search --all xdg:schema org.freedesktop.Secret.Generic

See also:

2 Likes

Thanks! That will get me where I need to go. Your examples were exactly what I needed, and the links to the manual page and that source code are the references I was looking for. :smiley:

1 Like