]> git.ipfire.org Git - thirdparty/systemd.git/commit - man/systemd.exec.xml
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4e96262) | patch
core: add new per-unit setting KeyringMode= for controlling kernel keyring setup
authorLennart Poettering <lennart@poettering.net>
Thu, 14 Sep 2017 19:19:05 +0000 (21:19 +0200)
committerLennart Poettering <lennart@poettering.net>
Fri, 15 Sep 2017 14:53:35 +0000 (16:53 +0200)
commitb1edf4456eabc5951d76b96bc7df2db3feebe669
treefd33ab58c5b2c58d499373d421bbbcb8f7d573d1tree | snapshot
parent4e962627bce01c8927bb8f0170a53752f95d98e5commit | diff
core: add new per-unit setting KeyringMode= for controlling kernel keyring setup

Usually, it's a good thing that we isolate the kernel session keyring
for the various services and disconnect them from the user keyring.
However, in case of the cryptsetup key caching we actually want that
multiple instances of the cryptsetup service can share the keys in the
root user's user keyring, hence we need to be able to disable this logic
for them.

This adds KeyringMode=inherit|private|shared:

    inherit: don't do any keyring magic (this is the default in systemd --user)
    private: a private keyring as before (default in systemd --system)
    shared: the new setting
man/systemd.exec.xml diff | blob | blame | history
src/basic/missing.h diff | blob | blame | history
src/core/dbus-execute.c diff | blob | blame | history
src/core/execute.c diff | blob | blame | history
src/core/execute.h diff | blob | blame | history
src/core/load-fragment-gperf.gperf.m4 diff | blob | blame | history
src/core/load-fragment.c diff | blob | blame | history
src/core/load-fragment.h diff | blob | blame | history
src/core/unit.c diff | blob | blame | history
src/shared/bus-unit-util.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.