Module keyring::secret_service
source · Expand description
secret-service credential store
Items in the secret-service are identified by an arbitrary collection of attributes, and each has “label” for use in graphical editors. The keyring client uses the following attributes:
target
(optional, defaults todefault
)service
(required)user
(required)application
(optional, always set torust-keyring
)
Existing items are always searched for at the service level, which means all collections are searched. Only the required attributes are used in searches, so 3rd party clients (such as v1 of this crate) that use matching service and user fields will have their items found by our searches. (Items we write with the same service and user attributes but different target attributes will also come back in searches, but they are filtered out of the results automatically.)
New items are always created with all four attributes, and if they have a non-default target then they are created in a collection whose label matches the target (creating it if necessary).
Setting the password on an entry will always update the password on an existing item in preference to creating a new item. This provides better compatibility with 3rd party clients that may already have created items that match the entry, and reduces the chance of ambiguity in later searches.