Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to specify keyctl scope. #1202

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add ability to specify keyctl scope. #1202

wants to merge 1 commit into from

Conversation

jmczerk
Copy link
Contributor

@jmczerk jmczerk commented Apr 6, 2023

Resolves the issue described in this comment, enabling keyctl backend to work in Linux by allowing a user to specify a keyctl scope.

Current behavior:

sh-4.2$ ./aws-vault login --debug --backend keyctl default
2023/04/06 22:07:45 aws-vault dev
2023/04/06 22:07:45 Using prompt driver: terminal
2023/04/06 22:07:45 [keyring] Considering backends: [keyctl]
2023/04/06 22:07:45 [keyring] Failed backend keyctl: accessing "" keyring failed: unknown scope ""
aws-vault: error: Specified keyring backend not available, try --help

With new --keyctl-scope flag (SUCCESS):

sh-4.2$ ./aws-vault login --debug --backend keyctl --keyctl-scope user default
2023/04/06 22:08:22 aws-vault dev
2023/04/06 22:08:22 Using prompt driver: terminal
2023/04/06 22:08:22 [keyring] Considering backends: [keyctl]
2023/04/06 22:08:22 Loading config file /home/ec2-user/.aws/config
2023/04/06 22:08:22 Parsing config file /home/ec2-user/.aws/config
2023/04/06 22:08:22 profile default: using credential process
2023/04/06 22:08:22 Re-using cached credentials ****************UNZD from credential_process, expires in 14m54.11233509s
2023/04/06 22:08:22 Requesting a signin token for session expiring in 14m54.056822686s

With new AWS_VAULT_KEYCTL_SCOPE environment variable (SUCCESS):

sh-4.2$ AWS_VAULT_KEYCTL_SCOPE=user ./aws-vault login --debug --backend keyctl default
2023/04/06 22:10:07 aws-vault dev
2023/04/06 22:10:07 Using prompt driver: terminal
2023/04/06 22:10:07 [keyring] Considering backends: [keyctl]
2023/04/06 22:10:07 Loading config file /home/ec2-user/.aws/config
2023/04/06 22:10:07 Parsing config file /home/ec2-user/.aws/config
2023/04/06 22:10:07 profile default: using credential process
2023/04/06 22:10:07 Re-using cached credentials ****************UNZD from credential_process, expires in 13m9.003402192s
2023/04/06 22:10:08 Requesting a signin token for session expiring in 13m8.951533886s

@jynolen
Copy link

jynolen commented Aug 23, 2023

Can confirm if can fix issues with keyctl.
Please consider mrege before next release.

Thank you

@ms-zlab
Copy link

ms-zlab commented Oct 20, 2023

need this fix, when will it be merged?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jmczerk @jynolen @ms-zlab