Re: [systemd-devel] Systemd and kernel keyring

2018-12-10 Thread Bruno Vernay
Right when I feel I started to better understand Possession and Keyrings, I had this: > keyctl describe 14242397 14242397: alsw-v-- 1002 100 user: keyInUsr > keyctl print 14242397 mySecret-1 How can I read a key when no one has read rights? Is there some caching going on? Some

Re: [systemd-devel] Systemd and kernel keyring

2018-12-10 Thread Mantas Mikulėnas
On Fri, Dec 7, 2018 at 9:47 PM Dinesh Prasanth Moluguwan Krishnamoorthy < [email protected]> wrote: > Oh damn! Yes. It worked! > > So, my next question would be "how to avoid it?" > > To expand a bit more: > > I want to make these passwords inaccessible outside the systemd service > even by that

Re: [systemd-devel] Systemd and kernel keyring

2018-12-10 Thread Sietse van Zanen
session keyring for your service. -Sietse From: Dinesh Prasanth Moluguwan Krishnamoorthy Sent: Friday, December 7, 2018 20:47 To: Sietse van Zanen; [email protected] Subject: Re: [systemd-devel] Systemd and kernel keyring Oh damn! Yes. It

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
keyctl unlink @u @s > [uglymotha@rdsan01 ~]$ keyctl print 268450157 > keyctl_read_alloc: Permission denied > > -Sietse > > -Original Message- > From: Dinesh Prasanth Moluguwan Krishnamoorthy > Sent: Thursday, 6 December, 2018 23:21 > To: Sietse van Zanen ;

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
does keyctl show @us say? > > > > -Sietse > > > > > > -Original Message- > > From: Dinesh Prasanth Moluguwan Krishnamoorthy > > > > Sent: Thursday, 6 December, 2018 23:21 > > To: Sietse van Zanen ; > > [email protected]

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
2018 23:21 > To: Sietse van Zanen ; > [email protected] > Subject: Re: [systemd-devel] Systemd and kernel keyring > > Hi Sietse, > > I tried doing that, but I wasn't able to link it: > > [pkiuser@localhost] $ keyctl show @u > Keyring > 461086211 --alswr

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
asanth Moluguwan Krishnamoorthy > Sent: Thursday, 6 December, 2018 23:38 > To: Lennart Poettering > Cc: [email protected] > Subject: Re: [systemd-devel] Systemd and kernel keyring > > Hi Lennart, > > [pkiuser@localhost] $ keyctl list @u > 1 key in ke

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Lennart Poettering
On Do, 06.12.18 14:37, Dinesh Prasanth Moluguwan Krishnamoorthy ([email protected]) wrote: > Hi Lennart, > > [pkiuser@localhost] $ keyctl list @u > 1 key in keyring: > 114920030: --alswrv1717 user: nuxwdog:user > > That's the attrs of the created key.I'm not sure how to read these > at

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Sietse van Zanen
December, 2018 23:21 To: Sietse van Zanen ; [email protected] Subject: Re: [systemd-devel] Systemd and kernel keyring Hi Sietse, I tried doing that, but I wasn't able to link it: [pkiuser@localhost]  $ keyctl show @u Keyring  461086211 --alswrv 17 65534  keyring: _uid.3

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Sietse van Zanen
hnamoorthy Sent: Thursday, 6 December, 2018 23:21 To: Sietse van Zanen ; [email protected] Subject: Re: [systemd-devel] Systemd and kernel keyring Hi Sietse, I tried doing that, but I wasn't able to link it: [pkiuser@localhost] $ keyctl show @u Keyring 461086211 --alsw

Re: [systemd-devel] Systemd and kernel keyring

2018-12-07 Thread Sietse van Zanen
: Lennart Poettering Cc: [email protected] Subject: Re: [systemd-devel] Systemd and kernel keyring Hi Lennart, [pkiuser@localhost] $ keyctl list @u 1 key in keyring: 114920030: --alswrv1717 user: nuxwdog:user That's the attrs of the created key.I'm not sure h

Re: [systemd-devel] Systemd and kernel keyring

2018-12-06 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
Hi Lennart, [pkiuser@localhost] $ keyctl list @u 1 key in keyring: 114920030: --alswrv1717 user: nuxwdog:user That's the attrs of the created key.I'm not sure how to read these attributes, though. Regards, Dinesh On Thu, 2018-12-06 at 14:38 +0100, Lennart Poettering wrote: > On Mi, 05.

Re: [systemd-devel] Systemd and kernel keyring

2018-12-06 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
into the >kernel keyring of the root user > > -Sietse > > From: systemd-devel on > behalf of Dinesh Prasanth Moluguwan Krishnamoorthy < > [email protected]> > Sent: Thursday, December 6, 2018 04:11 > To: systemd-

Re: [systemd-devel] Systemd and kernel keyring

2018-12-06 Thread Lennart Poettering
On Mi, 05.12.18 19:11, Dinesh Prasanth Moluguwan Krishnamoorthy ([email protected]) wrote: > Hi team, > > I'm working on accessing kernel keyring in my application started using > systemd. > > The list of steps I'm doing: > > 1. Starting a systemd service with `KeyringMode=shared` as a SPECIFIC

Re: [systemd-devel] Systemd and kernel keyring

2018-12-06 Thread Bruno Vernay
> From: systemd-devel on > behalf of Dinesh Prasanth Moluguwan Krishnamoorthy > Sent: Thursday, December 6, 2018 04:11 > To: [email protected] > Subject: [systemd-devel] Systemd and kernel keyring > > Hi team, > > I'm working on acce

Re: [systemd-devel] Systemd and kernel keyring

2018-12-06 Thread Sietse van Zanen
6, 2018 04:11 To: [email protected] Subject: [systemd-devel] Systemd and kernel keyring Hi team, I'm working on accessing kernel keyring in my application started using systemd. The list of steps I'm doing: 1. Starting a systemd service with `KeyringMode=shared` as a

[systemd-devel] Systemd and kernel keyring

2018-12-05 Thread Dinesh Prasanth Moluguwan Krishnamoorthy
Hi team, I'm working on accessing kernel keyring in my application started using systemd. The list of steps I'm doing: 1. Starting a systemd service with `KeyringMode=shared` as a SPECIFIC USER 2. In the `ExecStartPre`, I'm launching a subprocess that invokes `systemd-ask-password` to accept the