On Tue, 2021-11-23 at 23:41 -0500, Eric Snowberg wrote: > The machine keyring is setup during init. No additional keys should be > allowed to be added afterwards. Leave the permission as read only. > > Signed-off-by: Eric Snowberg <eric.snowberg@xxxxxxxxxx> > Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> For completeness (even if stating the obvious) it would be nice to say explicitly why no additional keys are not allowed after the init. /Jarkko
