1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

ask-password: skip kernel keyring logic if we see EPERM

Let's improve compat with container managers that block the keyring
logic and return EPERM for them.
This commit is contained in:
Lennart Poettering 2019-11-19 18:47:31 +01:00
parent e6376b6a41
commit 09a6b4f34f

View File

@ -168,7 +168,12 @@ static int ask_password_keyring(const char *keyname, AskPasswordFlags flags, cha
return -EUNATCH;
r = lookup_key(keyname, &serial);
if (r == -ENOSYS) /* when retrieving the distinction doesn't matter */
if (ERRNO_IS_NOT_SUPPORTED(r) || r == -EPERM) /* when retrieving the distinction between "kernel or
* container manager don't support or allow this" and
* "no matching key known" doesn't matter. Note that we
* propagate EACCESS here (even if EPERM not) since
* that is used if the keyring is available but we lack
* access to the key. */
return -ENOKEY;
if (r < 0)
return r;