Before this change all unit types would default to "private" in the
system service manager and "inherit" to in the user service manager.
With this change this is slightly altered: non-service units of the
system service manager are now run with KeyringMode=shared. This appears
to be the more appropriate choice as isolation is not as desirable for
mount tools, which regularly consume key material. After all mounts are
a shared resource themselves as they appear system-wide hence it makes a
lot of sense to share their key material too.
Fixes: #8159
processes. In this modes multiple units running processes under the same user ID may share key material. Unless
<option>inherit</option> is selected the unique invocation ID for the unit (see below) is added as a protected
key by the name <literal>invocation_id</literal> to the newly created session keyring. Defaults to
- <option>private</option> for the system service manager and to <option>inherit</option> for the user service
- manager.</para></listitem>
+ <option>private</option> for services of the system service manager and to <option>inherit</option> for
+ non-service units and for services of the user service manager.</para></listitem>
</varlistentry>
<varlistentry>
s->guess_main_pid = true;
s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
+
+ s->exec_context.keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
+ EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
}
static void service_unwatch_control_pid(Service *s) {
exec_context_init(ec);
ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
- EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
+ EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
}
kc = unit_get_kill_context(u);
projects / platform / upstream / systemd.git / commitdiff