kafs-client (recent strangeness of with add_key)

[David Howells]

Chaskiel Grundman <cgrundman at gmail.com> wrote:

> You should not just switch from KEY_SPEC_SESSION_KEYRING to
> KEY_SPEC_USER_SESSION_KEYRING, since that will cause aklog to fail
> (and do the wrong thing) when the process does have a real session
> keyring.

You could try KEY_SPEC_USER_KEYRING if you don't mind the key being shared
amongst all processes with your uid.

Unfortunately, the authors of systemd (if you're using that) didn't really
make any consideration as to how to deal with keyrings.

David