After recent upgrade to systemd-233 I've lost ability to read keys from kernel keyring. Any attempt to read a key results in `keyctl_read_alloc: Permission denied`. This issue is tracked in systemd repo on GitHub: https://github.com/systemd/systemd/issues/5522 I have temporary reverted to systemd-232 - works well. /usr/lib/systemd/systemd --version systemd 233 +PAM -AUDIT -SELINUX +IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT -GNUTLS +ACL -XZ +LZ4 +SECCOMP +BLKID -ELFUTILS +KMOD -IDN default-hierarchy=hybrid emerge --info for systemd: sys-apps/systemd-233-r1::gentoo was built with the following: USE="acl cryptsetup gcrypt gnuefi kmod lz4 nat pam seccomp ssl sysv-utils (-apparmor) -audit -build -curl -doc -elfutils -http -idn -importd -lzma -policykit -qrcode (-selinux) -test -vanilla -xkb" Posting it here for visibility and tracking, since Gentoo is affected too.
I wonder if this is also the reason why after upgrade to systemd 233 I cannot mount my private directory anymore. > ecryptfs-mount-private Enter your login passphrase: Inserted auth tok with sig [14904629246b70de] into the user session keyring mount: No such file or directory > systemctl --version systemd 233 +PAM -AUDIT -SELINUX +IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN default-hierarchy=hybrid Now that systemd 233 is actually stable, this issue is becoming more visible.
This issue has been resolved 9 days ago on GitHub: https://github.com/systemd/systemd/pull/6275 We can hope to get an update to the next release soon!
(In reply to Garry Filakhtov from comment #2) > This issue has been resolved 9 days ago on GitHub: > https://github.com/systemd/systemd/pull/6275 > > We can hope to get an update to the next release soon! That PR has been reverted, so no fix for this yet.
I imagine this was fixed at some point between 233 and 236.