-
-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
keyctl_read_alloc: permission denied #95928
Comments
I marked this as stale due to inactivity. → More info |
Did you figure out something @ralsei ? Just ran into this myself on unstable. Linking |
I wasn't able to figure this out, no. Sorry. |
This is still an issue with the latest nixos-unstable. |
From my understanding, the problem resides in
The
I am unable to understand what is the default kernel's behavior, probably, we should have Though, if we want this to work in our "graphical session", we probably need to put it at the session scope level. If we want this to work in our "user session" (i.e. (P|T)TY - including ssh -, graphical session), we need to put it at the slice level but Probably the smart thing to do to exploit the features completely is to determine the usecases. (1) "unsecure" config:
In all the cases, I feel like this is suboptimal, what I want is probably process-level keyring but handled by systemd that survives across restarts which is (An alternative is to use |
Describe the bug
keyctl
from thekeyutils
package is unable to read from the user session, even as root.To Reproduce
This is very similar to an old systemd bug. Replacing
@u
with@s
here functions fine.Expected behavior
keyctl read <id>
should... read the data at the given ID.Metadata
The text was updated successfully, but these errors were encountered: