[systemd-devel] keyrings and dbus

Josef Moellers jmoellers at suse.de
Tue Jun 11 12:34:17 UTC 2019


On 11.06.19 14:32, Josef Moellers wrote:
> On 11.06.19 13:27, Mantas Mikulėnas  wrote:
>> On Tue, Jun 11, 2019 at 1:58 PM Josef Moellers <jmoellers at suse.de
> 
>>     The point is that in the gnome-terminal case, pam_keyinit.so is not
>>     involved.
>>
>>
>> It is. The systemd --user instance (from which dbus-daemon and
>> gnome-terminal-server descend) has its own PAM stack and can call
>> pam_keyinit.so if needed.
> 
> Strange thing is, that it already does!
> 
> /etc/pam.d/systemd-user:
> session  optional       pam_keyinit.so force revoke
> 
> So, even if a keyring exists, a new one user keyring would be created

That should have been "a new session keyring"
> ("force"), but apparently none exists.

Josef, confused but trying to continue
-- 
SUSE Linux GmbH
Maxfeldstrasse 5
90409 Nuernberg
Germany
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah
HRB 21284 (AG Nürnberg)


More information about the systemd-devel mailing list