mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-10 06:47:45 +00:00
9e3cc0ff5e
Our secret driver divides secrets into two groups: ephemeral (stored only in memory) and persistent (stored on disk). Now, the aim of ephemeral secrets is to define them shortly before being used and then undefine them. But 'shortly before being used' is a very vague time frame. And since we default to socket activation and thus pass '--timeout 120' to every daemon it may happen that just defined ephemeral secret is gone among with the virtsecretd. This is no problem for persistent secrets as their definition (and value) is restored when the virtsecretd starts again, but ephemeral secrets can't be restored. Therefore, we could view ephemeral secrets as active objects that the daemon manages and thus inhibit automatic shutdown (just like hypervisor daemons do when a guest is running). Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> |
||
|---|---|---|
| .. | ||
| meson.build | ||
| secret_driver.c | ||
| secret_driver.h | ||
| virtsecretd.init.in | ||
| virtsecretd.service.in | ||