[systemd-devel] Passing secrets via persistent keyring

Bruno Vernay brunovern.a at gmail.com
Thu Dec 27 23:29:08 UTC 2018


I set up an example where a service is expecting a secret to be
available in its user's persistent keyring.  It can crash and restart
or maybe it is a timer and it does not want to bother asking/reading
secrets.

It works, but I hoped to be able to remove access to the secret from
the user that had set it, maybe days ago.

I did not find a way to do it:
- no one has the right to change persistent keyring attributes
- I can always link it to my own session
- then I am possessor and have rights on all the persistent keyring
- (from what I understand, restrict_key does not work in that case)

Any hint would be welcome!

I made it short, about 2 files with 20 useful lines each:
https://gitlab.com/BrunoVernay/systemd-playground/blob/master/12-keyring/t1/run.sh
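
An added example, not part of the original post or its linked repository: the Python below decodes the permission masks of /proc/keys-style lines to surface the two conditions listed in the message, a keyring on which no one holds setattr and keys that anyone who becomes possessor can read. The sample lines, key IDs, key names and masks are constructed for illustration; the bit values are the ones documented in keyctl(1).

```python
# Permission bits inside each 8-bit field of a key permission mask (keyctl(1)).
BITS = [(0x01, "view"), (0x02, "read"), (0x04, "write"),
        (0x08, "search"), (0x10, "link"), (0x20, "setattr")]
# Fields, from the most significant byte down.
FIELDS = [("possessor", 24), ("user", 16), ("group", 8), ("other", 0)]

# Constructed sample in /proc/keys layout; IDs, UIDs, names and masks are made up.
SAMPLE_PROC_KEYS = """\
2a5d8f01 I--Q---     2 perm 1f030000  1000    -1 keyring   _persistent.1000: 1
11c4e7b2 I--Q---     1 perm 3f010000  1000  1000 user      svc-secret: 16
"""

def decode_perm(mask):
    """Return {field: set of permission names} for a 32-bit permission mask."""
    return {name: {p for bit, p in BITS if (mask >> shift) & bit}
            for name, shift in FIELDS}

def parse_proc_keys(text):
    """Yield one dict per key line: id, perm mask, uid, type, description."""
    for line in text.splitlines():
        parts = line.split(None, 8)
        if len(parts) < 9:
            continue  # skip blank or truncated lines
        key_id, _flags, _usage, _timeout, perm, uid, _gid, ktype, rest = parts
        yield {"id": key_id, "perm": int(perm, 16), "uid": int(uid),
               "type": ktype, "desc": rest.rsplit(":", 1)[0].strip()}

def audit(text):
    """Flag keys nobody can setattr, and keys a possessor can read."""
    findings = []
    for key in parse_proc_keys(text):
        perms = decode_perm(key["perm"])
        if not any("setattr" in granted for granted in perms.values()):
            findings.append((key["desc"], "no-setattr"))
        if "read" in perms["possessor"]:
            findings.append((key["desc"], "possessor-can-read"))
    return findings

if __name__ == "__main__":
    for desc, finding in audit(SAMPLE_PROC_KEYS):
        print(f"{desc}: {finding}")
```

To audit a live system, pass the contents of /proc/keys to `audit()` instead of the constructed sample.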

