core/exec-credential: complain louder if inherited credential is missing 32689/head
authorMike Yuan <me@yhndnzj.com>
Tue, 7 May 2024 11:45:06 +0000 (19:45 +0800)
committerMike Yuan <me@yhndnzj.com>
Tue, 7 May 2024 14:02:42 +0000 (22:02 +0800)
Also document that a missing inherited credential
is not considered fatal.

Closes #32667

man/systemd.exec.xml
src/core/exec-credential.c

index d9ec44983fcb4151e17ce17e8e9914d0961c9cbd..56eb6af8728c91d7c5b77e7f633979e11b1ad48d 100644 (file)
@@ -3385,6 +3385,9 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX
         a terse way to declare credentials to inherit from the service manager into a service. This option
         may be used multiple times, each time defining an additional credential to pass to the unit.</para>
 
+        <para>Note that if the path is not specified or a valid credential identifier is given, i.e.
+        in the above two cases, a missing credential is not considered fatal.</para>
+
         <para>If an absolute path referring to a directory is specified, every file in that directory
         (recursively) will be loaded as a separate credential. The ID for each credential will be the
         provided ID suffixed with <literal>_$FILENAME</literal> (e.g., <literal>Key_file1</literal>). When
index 1dbf70930e8a0cdc26a5e419563c8fe3d0a22de0..9c48bd8d0f19a178f940dde1ca8e4160fda29ee6 100644 (file)
@@ -443,7 +443,7 @@ static int load_credential(
 
                 /* Pass some minimal info about the unit and the credential name we are looking to acquire
                  * via the source socket address in case we read off an AF_UNIX socket. */
-                if (asprintf(&bindname, "@%" PRIx64"/unit/%s/%s", random_u64(), unit, id) < 0)
+                if (asprintf(&bindname, "@%" PRIx64 "/unit/%s/%s", random_u64(), unit, id) < 0)
                         return -ENOMEM;
 
                 missing_ok = false;
@@ -467,7 +467,7 @@ static int load_credential(
 
         maxsz = encrypted ? CREDENTIAL_ENCRYPTED_SIZE_MAX : CREDENTIAL_SIZE_MAX;
 
-        if (search_path) {
+        if (search_path)
                 STRV_FOREACH(d, search_path) {
                         _cleanup_free_ char *j = NULL;
 
@@ -485,7 +485,7 @@ static int load_credential(
                         if (r != -ENOENT)
                                 break;
                 }
-        else if (source)
+        else if (source)
                 r = read_full_file_full(
                                 read_dfd, source,
                                 UINT64_MAX,
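Review bot: The `else if (source)` here now pairs with the braceless `if (search_path)` from the previous hunk, whose only statement is a multi-line STRV_FOREACH loop, so the pairing stays correct only while that macro expands to a single `for` statement. Keeping the braces around the loop, `if (search_path) {` … `} else if (source)`, would make the binding independent of the macro's expansion and easier to follow in a credential-loading path. load_credential() starts before and continues after both hunks, so the rest of the branch chain is not visible here.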
@@ -504,7 +504,8 @@ static int load_credential(
                  *
                  * Also, if the source file doesn't exist, but a fallback is set via SetCredentials=
                  * we are fine, too. */
-                log_debug_errno(r, "Couldn't read inherited credential '%s', skipping: %m", path);
+                log_full_errno(hashmap_contains(context->set_credentials, id) ? LOG_DEBUG : LOG_WARNING,
+                               r, "Couldn't read inherited credential '%s', skipping: %m", path);
                 return 0;
         }
         if (r < 0)
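Review bot: Because the branch still ends in `return 0`, the LOG_WARNING message is the only signal that a unit starts without a credential it asked for, yet the text names only `path` and not the unit. `unit` is used earlier in load_credential() for the bind name, so, assuming it is still in scope here and the logging context does not already carry the unit, the message could read `"Couldn't read inherited credential '%s' for unit '%s', skipping: %m", path, unit`. A one-line comment above the call, such as `/* Warn unless SetCredential= provides a fallback for this ID */`, would also explain why the level varies. The `if` guarding this branch begins outside the hunk, so the condition that leads here is not visible.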