Mailinglist Archive: opensuse-bugs (4751 mails)

< Previous Next >
[Bug 1045886] ecryptfs problems with recent Tumbleweed
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Fri, 07 Jul 2017 15:37:23 +0000
  • Message-id: <bug-1045886-21960-XbK3sNMmiC@http.bugzilla.novell.com/>
http://bugzilla.novell.com/show_bug.cgi?id=1045886
http://bugzilla.novell.com/show_bug.cgi?id=1045886#c28

--- Comment #28 from Franck Bui <fbui@xxxxxxxx> ---
(In reply to Andrei Borzenkov from comment #6)
2. Now lets look at keyrings immediately after logon

bor@10:~> : Before ecryptfs-setup
bor@10:~> cat /proc/keys
023c3b10 I--Q--- 1 perm 0b0b0000 0 0 user invocation_id: 16
05088f05 I--Q--- 88 perm 3f030000 0 0 keyring _ses: 1
2344184f I--Q--- 41 perm 3f030000 1000 100 keyring _ses: 1
bor@10:~> keyctl show -x @s
Keyring
0x05088f05 --alswrv 0 0 keyring: _ses
0x023c3b10 ----s-rv 0 0 \_ user: invocation_id

Note - our session keyring is owned by user 0!!! So it is the one inherited
from systemd service. (Heck, is there any way to list session keyrings for
each process?)

I don't see why the session keyring is owned by root here. The ownership is
supposed to be changed here:

https://github.com/systemd/systemd/blob/master/src/core/execute.c#L2127

It looks like for some reasons KEYCTL_CHOWN doesn't work...

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >