[Freeipa-devel] [PATCH] 439 Allow kernel keyring CCACHE when supported
Martin Kosek
mkosek at redhat.com
Mon Dec 2 13:01:25 UTC 2013
On 12/02/2013 01:58 PM, Petr Viktorin wrote:
> On 11/29/2013 01:48 PM, Martin Kosek wrote:
>> On 11/19/2013 12:35 PM, Petr Viktorin wrote:
>>> On 11/05/2013 07:22 PM, Martin Kosek wrote:
>>>> Server and client installer should allow kernel keyring ccache when
>>>> supported.
>
>>>
>>> How do I enable the kernel keyring? On f20 I get this:
>>>
>>> 2013-11-19T11:28:07Z DEBUG Starting external process
>>> 2013-11-19T11:28:07Z DEBUG args=keyctl get_persistent @s 0
>>> 2013-11-19T11:28:07Z DEBUG Process finished, return code=1
>>> 2013-11-19T11:28:07Z DEBUG stdout=
>>> 2013-11-19T11:28:07Z DEBUG stderr=keyctl_get_persistent: Key has been revoked
>>
>> It should be enabled out of the box. But there were some initial issues with
>> persistent keyring in the first versions of kernel with a support, hopefully
>> this was just a fluke which disappeared.
>>
>> This is what I see on my F20 with kernel-3.11.9-300.fc20.x86_64:
>>
>> # keyctl get_persistent @s 0
>> 637466038
>
> With kernel-3.11.10-300.fc20.x86_64, I get an error again:
> $ keyctl get_persistent @s 0
> keyctl_get_persistent: Key has been revoked
Not sure if it is a typo, but you won't surely get a root's keyring as a
non-root user...
Martin
More information about the Freeipa-devel
mailing list