diff options
| author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2024-10-30 13:53:31 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2024-10-30 17:43:53 +0100 |
| commit | d9f4dad986dcebd51bdaeb8ba3d2c00cdc0d701e (patch) | |
| tree | 17fd4b61221cf40a3b15a97c03e58af604dee11e /src/partition | |
| parent | logind: add BlockWeakInhibited property (diff) | |
| download | systemd-d9f4dad986dcebd51bdaeb8ba3d2c00cdc0d701e.tar.xz systemd-d9f4dad986dcebd51bdaeb8ba3d2c00cdc0d701e.zip | |
ask-password: Allow configuring the keyring timeout via an environment variable
In mkosi, we want an easy way to set the keyring timeout for every
tool we invoke that might use systemd-ask-password to query for a
password which is then stored in the kernel keyring. Let's make this
possible via a new $SYSTEMD_ASK_PASSWORD_KEYRING_TIMEOUT_SEC environment
variable.
Using an environment variable means we don't have to modify every separate
tool to add a CLI option allowing to specify the timeout. In mkosi specifically,
we'll set up a new session keyring for the mkosi process linked to the user keyring
so that any pins in the user keyring are used if available, and otherwise we'll query
for and store password in mkosi's session keyring with a zero timeout so that they stay
in the keyring until the mkosi process exits at which point they're removed from the
keyring.
Diffstat (limited to 'src/partition')
0 files changed, 0 insertions, 0 deletions