On Fri, Dec 7, 2018 at 9:47 PM Dinesh Prasanth Moluguwan Krishnamoorthy <dmoluguw@xxxxxxxxxx> wrote:
Oh damn! Yes. It worked!
So, my next question would be "how to avoid it?"
To expand a bit more:
I want to make these passwords inaccessible outside the systemd service
even by that USER. (or does it sound something contradictory?)
Regards,
Dinesh
It does sound contradictory; it rarely makes sense to isolate the user from themselves.
It might be *possible* to set the key's permissions such that only the "possessor" has full permissions, but the "uid/gid/other" have none. (e.g. keyctl setperm <id> 0x3f000000).
Mantas Mikulėnas
_______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
