[systemd-devel] Have 'session' keyrings per service

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Fri Aug 9 04:37:48 PDT 2013


On Thu, Aug 08, 2013 at 12:15:59PM +0200, Stef Walter wrote:
> So perhaps cryptsetup would put the password in its own named keyring,
> and then gdm.service would have:
> 
> [Service]
> Keyrings=@cryptsetup
> 
> Which tells systemd to link the cryptsetup keyring into the gdm
> (session) keyring. That makes gdm be able to find and use keys in the
> cryptsetup keyring.
> 
> I think I've figured out a way to implement the above. But anyone
> already thought about this? Other use cases?
Sounds pretty cool. If you can get this working with this approach
that would be great. If there are any limitations, they should become
apparent after the first implementation.

Zbyszek


More information about the systemd-devel mailing list