From 7fbff9a4d531e33f3d7c7e0b9871c2e19a55bace Mon Sep 17 00:00:00 2001
From: Joseph Richey <joerichey94@gmail.com>
Date: Wed, 23 Aug 2017 23:46:54 -0700
Subject: security: fscrypt now possesses the user keyring

---
 security/keyring.go | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'security')

diff --git a/security/keyring.go b/security/keyring.go
index 28225b0..ef56364 100644
--- a/security/keyring.go
+++ b/security/keyring.go
@@ -141,6 +141,13 @@ func getUserKeyringID() (int, error) {
 		}
 
 		keyringID := int(parsedID)
+		// For some stupid reason, a thread does not automaticaly "possess" keys
+		// in the user keyring. So we link it into the process keyring so that
+		// we will not get "permission denied" when purging or modifying keys.
+		if err := keyringLink(keyringID, unix.KEY_SPEC_PROCESS_KEYRING); err != nil {
+			return 0, err
+		}
+
 		keyringIDCache[euid] = keyringID
 		return keyringID, nil
 	}
-- 
cgit v1.2.3