mirror of
https://github.com/morgan9e/systemd
synced 2026-04-14 00:14:32 +09:00
fd8ed7f26b
The new "password-cache" option allows customizing behavior of the ask-password module in regards to caching credentials in the kernel keyring. There are 3 possible values for this option: * read-only - look for credentials in kernel keyring before asking * on - same as read-only, but also save credentials input by user * off - disable keyring credential cache Currently the cache is forced upon the user and this can cause issues. For example, if user wants to attach two volumes with two different FIDO2 tokens in a quick succession, the attachment operation for the second volume will use the PIN cached from the first FIDO2 token, which of course will fail and since tokens are only attempted once, this will cause fallback to a password prompt.
8.1 KiB
8.1 KiB