From 00f5ad93b5c3c0e09e6d135a6a82ac53fd97ceca Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 20 Feb 2018 08:53:34 +0100
Subject: [PATCH] core: change KeyringMode= to "shared" by default for
 non-service units in the system manager (#8172)

Before this change all unit types would default to "private" in the
system service manager and "inherit" to in the user service manager.

With this change this is slightly altered: non-service units of the
system service manager are now run with KeyringMode=shared. This appears
to be the more appropriate choice as isolation is not as desirable for
mount tools, which regularly consume key material. After all mounts are
a shared resource themselves as they appear system-wide hence it makes a
lot of sense to share their key material too.

Fixes: #8159
---
 man/systemd.exec.xml | 4 ++--
 src/core/service.c   | 3 +++
 src/core/unit.c      | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index f01599f656..d4dc2843ec 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -631,8 +631,8 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
         processes. In this modes multiple units running processes under the same user ID may share key material. Unless
         <option>inherit</option> is selected the unique invocation ID for the unit (see below) is added as a protected
         key by the name <literal>invocation_id</literal> to the newly created session keyring. Defaults to
-        <option>private</option> for the system service manager and to <option>inherit</option> for the user service
-        manager.</para></listitem>
+        <option>private</option> for services of the system service manager and to <option>inherit</option> for
+        non-service units and for services of the user service manager.</para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/src/core/service.c b/src/core/service.c
index f2d4333719..1997c82ac3 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -120,6 +120,9 @@ static void service_init(Unit *u) {
         s->guess_main_pid = true;
 
         s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
+
+        s->exec_context.keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
+                EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
 }
 
 static void service_unwatch_control_pid(Service *s) {
diff --git a/src/core/unit.c b/src/core/unit.c
index 0d0f10f5f7..8c0e157a90 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -186,7 +186,7 @@ static void unit_init(Unit *u) {
                 exec_context_init(ec);
 
                 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
-                        EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
+                        EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
         }
 
         kc = unit_get_kill_context(u);