From fb88d74f0335cdf8218bb8dfbaa03f23773318cf Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Sat, 9 May 2020 14:52:07 -0700 Subject: keyring: improve errors ErrAccessUserKeyring: Include the user, and fix the backwards wrapping. ErrSessionUserKeyring: Include the user. ErrKeyAdd: ErrKeyRemove: ErrKeySearch: ErrLinkUserKeyring: Replace these with one-off unnamed errors because they are never checked for, and this makes it easier for the callers to provide better messages, e.g. fixing the backwards wrapping. --- cli-tests/t_v1_policy.out | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'cli-tests') diff --git a/cli-tests/t_v1_policy.out b/cli-tests/t_v1_policy.out index 0ff5219..e693bf5 100644 --- a/cli-tests/t_v1_policy.out +++ b/cli-tests/t_v1_policy.out @@ -11,14 +11,15 @@ can be done with --user=USERNAME. To use the root user's keyring or passphrase, use --user=root. # Try to use --user=root as user -[ERROR] fscrypt encrypt: setting uids: operation not permitted: could not access - user keyring +[ERROR] fscrypt encrypt: could not access user keyring for "root": setting uids: + operation not permitted You can only use --user=USERNAME to access the user keyring of another user if you are running as root. # Try to encrypt without user keyring in session keyring -[ERROR] fscrypt encrypt: user keyring not linked into session keyring +[ERROR] fscrypt encrypt: user keyring for "fscrypt-test-user" is not linked into + the session keyring This is usually the result of a bad PAM configuration. Either correct the problem in your PAM stack, enable pam_keyinit.so, or run "keyctl link @u @s". -- cgit v1.2.3