Azure-storage-azcopy: Login fails with "failed to get keyring" on WSL
Which version of the AzCopy was used?
Note: The version is visible when running AzCopy without any argument
AzCopy 10.0.5-Preview
Which platform are you using? (ex: Windows, Mac, Linux)
Ubuntu 18.04 on Windows Subsystem for Linux, Windows 10 build 18312
What command did you run?
Note: Please remove the SAS to avoid exposing your credentials. If you cannot remember the exact command, please retrieve it from the beginning of the log file.
azcopy login
What problem was encountered?
After authenticating through https://microsoft.com/devicelogin with the authentication code (which shows success), login fails with error
Error: failed to perform login command, failed to get keyring during saving token, function not implemented
How can we reproduce the problem in the simplest way?
- Install
Ubuntufrom Windows store - Open it, download azcopy from
https://aka.ms/downloadazcopy-v10-linuxand unpack - Run
azcopy login, go through the prompts
Have you found a mitigation/solution?
No, tried installing a keyring through sudo apt install gnome-keyring but that did not solve the problem.
caksoylar
All 6 comments
Hi, caksoylar
Thanks for reaching us! We will further test your scenario. And will update the thread later.
Best Regards,
Jiachen
jiacfan
on 21 Jan 2019
Hi, @caksoylar
AzCopy on Linux is using Linux embedded keyring, while we can repro your issue, that on Ubuntu 18.04 on Windows Subsystem for Linux, even with keyctl, keyring cannot be used properly, e.g.:
root@MS-JIACFAN-PC6:/mnt/c# keyctl list @s
keyctl_read_alloc: Function not implemented
Would you try to use it on standard Linux distro? At same time, we'll discuss and consider to add support for Ubuntu 18.04 on Windows Subsystem for Linux.
Thanks,
Jiachen
jiacfan
on 21 Jan 2019
Thanks for the investigation and reply @jiacfan, sorry to hear this is a shortcoming of WSL. I don't have a real Linux system to test on, but I'll try to do my work with azcopy on Windows until a solution can be found.
caksoylar
on 21 Jan 2019
@caksoylar
Thanks for updating the info!
jiacfan
on 22 Jan 2019
I ran into a similar azcopy issue in a Docker Container.
Which version of the AzCopy was used? azcopy v10.2.1
Which platform are you using? RHEL7.x and Docker Container
What command did you run? azcopy login --service-principal --certificate-path
What problem was encountered?
Failed to perform login command:
failed to get keyring during saving token, operation not permitted
Have you found a mitigation/solution?
The container was running with "seccomp". The quickest resolution is to run the image with "seccomp" disabled. See link for resolution: https://docs.docker.com/engine/security/seccomp/
I also needed to "yum install keyutils".
I am able to "azcopy login" with a service principal that has a public certificate in a docker container.
sac8m
on 6 Aug 2019
Thanks for sharing that info @sac8m!
JohnRusk
on 7 Aug 2019
Related issues
Ilanak
路
4Comments
brettrowberry
路
4Comments
DavidLafond
路
5Comments
IGx89
路
4Comments
TiloWiklund
路
5Comments
Most helpful comment
I ran into a similar azcopy issue in a Docker Container.
Which version of the AzCopy was used? azcopy v10.2.1
Which platform are you using? RHEL7.x and Docker Container
What command did you run? azcopy login --service-principal --certificate-path
What problem was encountered?
Failed to perform login command:
failed to get keyring during saving token, operation not permitted
Have you found a mitigation/solution?
The container was running with "seccomp". The quickest resolution is to run the image with "seccomp" disabled. See link for resolution: https://docs.docker.com/engine/security/seccomp/
I also needed to "yum install keyutils".
I am able to "azcopy login" with a service principal that has a public certificate in a docker container.