Keyring Database Module


This module allows access to the keyring package using an sdb:// URI. This package is located at

Care must be taken when using keyring. Not all keyend backends are supported on all operating systems. Also, many backends require an agent to be running in order to work. For instance, the "Secret Service" backend requires a compatible agent such as gnome-keyring-daemon or kwallet to be running. The keyczar backend does not seem to enjoy the benefits of an agent, and so using it will require either that the password is typed in manually (which is unreasonable for the salt-minion and salt-master daemons, especially in production) or an agent is written for it.

Like all sdb modules, the keyring module requires a configuration profile to be configured in either the minion or master configuration file. This profile requires very little. In the example:

  driver: keyring
  service: system

The driver refers to the keyring module, service refers to the service that will be used inside of keyring (which may be likened unto a database table) and mykeyring refers to the name that will appear in the URI:

password: sdb://mykeyring/mypassword

The underlying backend configuration must be configured via keyring itself. For examples and documentation, see keyring:

New in version 2014.1.4.

salt.sdb.keyring_db.get(key, service=None, profile=None)

Get a value from a keyring service

salt.sdb.keyring_db.set(key, value, service=None, profile=None)

Set a key/value pair in a keyring service