On Fri, 2020-05-15 at 12:17 -0700, Jerry Snitselaar wrote: > On Fri May 15 20, Jarkko Sakkinen wrote: > > On Thu, May 14, 2020 at 08:44:23PM -0700, James Bottomley wrote: > > > On Fri, 2020-05-15 at 05:22 +0300, Jarkko Sakkinen wrote: [...] > > > > sudo ./keyctl-smoke.sh > > > > 566201053 (0x80000000) > > > > keyctl_read_alloc: Permission denied > > I get keyctl_read_alloc -EPERM when I 'sudo su' and try to play with > keyctl print. > If I 'sudo su -' and then try it works as expected. Also works for > normal user. OK, I confirm on debian as well. If I create a key as real root and then try to sudo su keyctl pipe it as an ordinary user, I get EPERM. It smells like a cockup in real vs effective permissions somewhere in the keyctl handler. James
