cryptsetup: make sure we invoke the cryptsetup tools with a shared keyring

We want that cryptsetup can cache keys between multiple invocations, and it does so via the root user's user keyring, hence let's share it among services. Replaces: #6286
author: Lennart Poettering <lennart@poettering.net> 2017-09-14 21:23:56 +0200
committer: Lennart Poettering <lennart@poettering.net> 2017-09-15 16:53:35 +0200
commit: 0b1f68ac8731bdc6d092aa41c6d3d6c130f22248 (patch)
tree: 5e8c0dacbe7c5e5a592596d3d2fc103721a5cdc2 /src/cryptsetup/cryptsetup-generator.c
parent: b1edf4456eabc5951d76b96bc7df2db3feebe669 (diff)
download: systemd-0b1f68ac8731bdc6d092aa41c6d3d6c130f22248.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
index 11d9892658..f882a4f80e 100644
--- a/src/cryptsetup/cryptsetup-generator.c
+++ b/src/cryptsetup/cryptsetup-generator.c
@@ -170,6 +170,7 @@ static int create_disk(
                 "Type=oneshot\n"
                 "RemainAfterExit=yes\n"
                 "TimeoutSec=0\n" /* the binary handles timeouts anyway */
+                "KeyringMode=shared\n" /* make sure we can share cached keys among instances */
                 "ExecStart=" SYSTEMD_CRYPTSETUP_PATH " attach '%s' '%s' '%s' '%s'\n"
                 "ExecStop=" SYSTEMD_CRYPTSETUP_PATH " detach '%s'\n",
                 name, u, strempty(password), strempty(filtered),
author	Lennart Poettering <lennart@poettering.net>	2017-09-14 21:23:56 +0200
committer	Lennart Poettering <lennart@poettering.net>	2017-09-15 16:53:35 +0200
commit	0b1f68ac8731bdc6d092aa41c6d3d6c130f22248 (patch)
tree	5e8c0dacbe7c5e5a592596d3d2fc103721a5cdc2 /src/cryptsetup/cryptsetup-generator.c
parent	b1edf4456eabc5951d76b96bc7df2db3feebe669 (diff)
download	systemd-0b1f68ac8731bdc6d092aa41c6d3d6c130f22248.tar.gz