core: change KeyringMode= to "shared" by default for non-service units in the system manager (#8172)

Before this change all unit types would default to "private" in the
system service manager and to "inherit" in the user service manager.

With this change this is slightly altered: non-service units of the
system service manager are now run with KeyringMode=shared. This appears
to be the more appropriate choice as isolation is not as desirable for
mount tools, which regularly consume key material. After all, mounts are
a shared resource themselves, as they appear system-wide; hence it makes a
lot of sense to share their key material too.

Fixes: #8159
Lennart Poettering 2018-02-20 08:53:34 +01:00 committed by Zbigniew Jędrzejewski-Szmek
parent 6f58ff2325
commit 00f5ad93b5
3 changed files with 6 additions and 3 deletions

@ -631,8 +631,8 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
processes. In this modes multiple units running processes under the same user ID may share key material. Unless
<option>inherit</option> is selected the unique invocation ID for the unit (see below) is added as a protected
key by the name <literal>invocation_id</literal> to the newly created session keyring. Defaults to
<option>private</option> for the system service manager and to <option>inherit</option> for the user service
manager.</para></listitem>
<option>private</option> for services of the system service manager and to <option>inherit</option> for
non-service units and for services of the user service manager.</para></listitem>
</varlistentry>
<varlistentry>
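
Review bot: The rewritten default sentence ("... and to <option>inherit</option> for non-service units and for services of the user service manager") disagrees with the code in this same commit: unit_init() now assigns EXEC_KEYRING_SHARED when MANAGER_IS_SYSTEM() is true, and the commit message says non-service units of the system manager run with KeyringMode=shared. As written, the man page never names <option>shared</option> as a default and reads as if system-manager mount units get inherit. Suggest spelling out all three cases: private for services of the system service manager, shared for non-service units of the system service manager, and inherit for the user service manager.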

@ -120,6 +120,9 @@ static void service_init(Unit *u) {
s->guess_main_pid = true;
s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
s->exec_context.keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
}
static void service_unwatch_control_pid(Service *s) {
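
Review bot: The keyring_mode assignment added at the end of service_init() carries no comment saying that it overrides the generic default set in unit_init(), and it is only effective if it runs after that assignment; the ordering is not visible in this hunk. Since the security-relevant isolation of service keyrings now depends on this one statement, a short comment such as "services keep a private session keyring in the system manager, other unit types default to shared, see unit_init()" would keep a later refactor from dropping it as a redundant duplicate of the generic initialisation.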

@ -186,7 +186,7 @@ static void unit_init(Unit *u) {
exec_context_init(ec);
ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
}
kc = unit_get_kill_context(u);
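
Review bot: Switching EXEC_KEYRING_PRIVATE to EXEC_KEYRING_SHARED in unit_init() changes the default for every unit type that has an exec context, not only mounts, while the commit message argues the case for mount tools alone. Only services are put back to private elsewhere in this commit, so other exec-capable types such as socket and swap units now also share key material with units running under the same user ID. If that is intended, say so in a comment next to the assignment; if not, set the shared default in the mount unit's own init instead. Existing non-service units that do not set KeyringMode= explicitly change behaviour silently, which is worth a line in the release notes.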