Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-17714

Cleanup user/session keyring usage

    XMLWordPrintable

Details

    • 3
    • 9223372036854775807

    Description

      +underlined text+Thanks to patch "LU-17173 gss: user keys go to user keyring" https://review.whamcloud.com/52771 , user keys are now linked to the user keyring, instead of the session keyring.

      But the behavior implemented by this patch needs to be adjusted. We should not keep an extra reference on the user keyring for every user key being created. This leads to too many references on this keyring, and prevents proper destroy in case the system wants to clean it up (because the user logged off for instance).

      Moreover, we should handle the case where the user key is explicitly revoked, i.e. via 'keyctl revoke' on the command line. In this case, a good practice would be to carry out the same cleanup as when 'lfs flushctx' is called, in order to properly drop references on the key, and free the security context associated with the key.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-18145 Fix key unlink for regular user

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              sebastien Sebastien Buisson
              sebastien Sebastien Buisson
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: