Comment 14 for bug 932177

In , Guido Berhoerster (gber) wrote :

The current situation is a bit complicated. Having gnome-keyring automatically unlocked on login involves a startup process in two steps: first it must be started and unlocked via the PAM module on login, and after that the desired components (e.g. gpg-/ssh-agent functionality) need to be initialized again and certain environment variables need to be set for the session. Details are at http://live.gnome.org/GnomeKeyring/RunningDaemon.

The main problem with the current Xfce desktop is that these environment variables are not properly set if GNOME-compatibility mode is disabled.
Because the components of gnome-keyring are initialized from desktop files in /etc/xdg/autostart, the environment variables printed to stdout are simply lost. When using GNOME, gnome-keyring passes the environment variables via DBus to gnome-session. Xfce, however, doesn't implement that DBus interface, and the only way to get these environment variables is enabling the GNOME-compatibility mode in xfce4-session, which will run gnome-keyring --start again, capture its output and set the environment variables accordingly. This has two unwanted side-effects: gnome-keyring --start seems to enable all of gnome-keyring's components, making it impossible to selectively disable components by modifying the corresponding autostart files, and of course xfce4-session's GNOME-compatibility mode will also start everything in /etc/xdg/autostart which is marked OnlyShowIn=GNOME.

A separate but related problem affects the usage of plain GPG/SSH-agents without gnome-keyring. gpg-agent, which can also provide ssh-agent functionality, is started twice by default, first in /etc/X11/xdm/sys.xsession and later again in /etc/xdg/xfce4/xinitrc, and that even if the gpg-agent functionality of gnome-keyring is used. /etc/X11/xdm/sys.xsession will not try to start ssh-agent if gnome-keyring is already running (although a running gnome-keyring does not necessarily imply that ssh-agent functionality will be provided, because that could be disabled). /etc/X11/xdm/sys.xsession will, however, unconditionally start either seahorse-agent, if seahorse is installed and the session is GNOME (although it would be perfectly fine to use with Xfce), or fall back to gpg-agent if installed. When gnome-keyring provides gpg-agent functionality, this results in a useless seahorse-/gpg-agent process running in the session and is also inconsistent with how ssh-agent is handled. /etc/xdg/xfce4/xinitrc then does not detect an already running gpg-agent and starts yet another instance of gpg-agent with ssh-agent functionality (which may also be potentially useless if the corresponding gnome-keyring functionality is enabled) and thereby breaks the usage of plain ssh-/gpg-agent.
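
The following is an added example and not part of the comment above or of any project's startup scripts: a sketch of how a session script could keep the variables a keyring start prints on stdout and check for an existing agent socket before launching another agent. The function names, the list of accepted variable names and the commented usage are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the bug comment. Imports the KEY=VALUE lines that a
# keyring start prints on stdout into the current shell instead of losing them.

# Names this example accepts (an assumption; adjust to the enabled components).
KEYRING_VARS="GNOME_KEYRING_CONTROL SSH_AUTH_SOCK GPG_AGENT_INFO"

# import_keyring_env: read KEY=VALUE lines on stdin, export allowlisted names.
# Must not be used at the end of a pipe: that would run it in a subshell and
# the exports would not reach the session.
# Returns 0 if at least one variable was exported, 1 otherwise.
import_keyring_env() {
    imported=1
    while IFS= read -r line; do
        case $line in
            *=*) name=${line%%=*}; value=${line#*=} ;;
            *)   continue ;;
        esac
        for allowed in $KEYRING_VARS; do
            if [ "$name" = "$allowed" ]; then
                export "$name=$value"
                imported=0
            fi
        done
    done
    return "$imported"
}

# agent_socket_present: true only if SSH_AUTH_SOCK names an existing socket,
# so a startup script can skip launching a second agent.
agent_socket_present() {
    [ -n "${SSH_AUTH_SOCK:-}" ] && [ -S "$SSH_AUTH_SOCK" ]
}

# Intended use in a session startup script (left commented out so the file
# can be sourced without starting a daemon):
#   import_keyring_env <<EOF
#   $(gnome-keyring-daemon --start --components=ssh)
#   EOF
#   agent_socket_present || echo "no ssh agent socket in this session" >&2
```

Restricting the import to known names keeps an unexpected line in the daemon's output from altering unrelated session variables.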