Hi team, I'm working on accessing kernel keyring in my application started using systemd. The list of steps I'm doing: 1. Starting a systemd service with `KeyringMode=shared` as a SPECIFIC USER 2. In the `ExecStartPre`, I'm launching a subprocess that invokes `systemd-ask-password` to accept the input and store it in the USER's kernel keyring 3. In the main program started using `ExecStart`, I'm accessing the value stored in the keyring I'm able to access the values from my main program -- everything works as expected! When I try to login as that specific user and do a `keyctl show @u`, I find the entry. However, when I try to do `keyctl print <keyID>`, it throws "Permission Denied" error. IIUC, this protects the keys in the keyring from accessing outside the systemd service. Is it the desired behaviour? I have the sample systemd unit file available in [1]. [1] https://github.com/SilleBille/keyctl-java-test/blob/master/pki-tomcatd-nuxwdog%40pki-tomcat.service Thanks, Dinesh _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Systemd and kernel keyring
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Systemd and kernel keyring
- From: Dinesh Prasanth Moluguwan Krishnamoorthy <dmoluguw@xxxxxxxxxx>
- Date: Wed, 05 Dec 2018 19:11:30 -0800
- Follow-Ups:
- Re: Systemd and kernel keyring
- From: Lennart Poettering
- Re: Systemd and kernel keyring
- From: Sietse van Zanen
- Re: Systemd and kernel keyring
- Prev by Date: Re: [PATCH v2 BlueZ] hid2hci: Fix udev rules for linux-4.14+
- Next by Date: Re: Systemd and kernel keyring
- Previous by thread: fchmod_opath() - why is this not in the kernel?
- Next by thread: Re: Systemd and kernel keyring
- Index(es):
 |