[systemd-devel] Significance of KeyringMode in an unit file
Dinesh Prasanth Moluguwan Krishnamoorthy
dmoluguw at redhat.com
Wed Jan 23 02:47:08 UTC 2019
Hello,
I am interested in knowing more about defining the `KeyringMode=` in a
systemd unit file especially when combined with `User=`.
I read the official doc:
https://www.freedesktop.org/software/systemd/man/systemd.exec.html#KeyringMode=
However, I wasn't able to understand the doc completely. I am more
interested in knowing about the `shared` mode. I had a few questions based
on the following snippet of systemd unit file:
ExecStartPre=<prompt password using systemd-ask-password and put it on
user keyring (@u)>
ExecStart=<start main program>
User=<user>
KeyringMode=shared
Here, <user> is similar to `jenkins`, which doesn't have a login shell and
<main program> reads the kernel keyring for the password.
IIUC, following takes place:
1. ExecStartPre starts as <user> process with a PID: pid1
2. ExecStart starts as <user> process with a PID: pid2
Q1. Between 1 & 2, since there is no active <user> process, will the user
keyring be dropped or will it survive?
Q2. What is the significance of `KeyringMode=shared` here? Does it apply to
keyring @u or just to @s keyring?
Regards,
Dinesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20190122/d8f4445a/attachment.html>
More information about the systemd-devel
mailing list