summaryrefslogtreecommitdiff
path: root/p11-kit
diff options
context:
space:
mode:
authorLubomir Rintel <lkundrak@v3.sk>2016-12-08 18:20:37 +0100
committerDaiki Ueno <ueno@gnu.org>2017-01-20 16:08:01 +0100
commita4fb2bb587fb1a0146cf97f039b671d3258488f9 (patch)
treeb3784d8d7c848714ad3457b8d55f393cb79a2ec6 /p11-kit
parent563606efe17cbf3b84679f5e54f60b8d68ba9015 (diff)
systemd: add per-user remoting socket
This allows daemons outside user's session to use per-user PKCS#11 modules. Useful for letting VPN daemons or wpa_supplicant use certificates stored in user's GNOME keyring, etc.
Diffstat (limited to 'p11-kit')
-rw-r--r--p11-kit/Makefile.am11
-rw-r--r--p11-kit/p11-kit-remote.socket10
-rw-r--r--p11-kit/p11-kit-remote@.service.in10
3 files changed, 31 insertions, 0 deletions
diff --git a/p11-kit/Makefile.am b/p11-kit/Makefile.am
index f1c0583..507be5f 100644
--- a/p11-kit/Makefile.am
+++ b/p11-kit/Makefile.am
@@ -93,13 +93,23 @@ install-exec-hook:
done
$(MKDIR_P) $(DESTDIR)$(p11_package_config_modules)
+install-data-hook:
+ $(MKDIR_P) $(DESTDIR)$(systemduserdir)/sockets.target.wants
+ $(LN_S) -f ../p11-kit-remote.socket $(DESTDIR)$(systemduserdir)/sockets.target.wants/p11-kit-remote.socket
+
uninstall-local:
for i in so dylib; do \
rm -f $(DESTDIR)$(libdir)/p11-kit-proxy.$$i; \
done
+ rm -f $(DESTDIR)$(systemduserdir)/sockets.target.wants/p11-kit-remote.socket
endif
+systemduserdir = $(prefix)/lib/systemd/user
+systemduser_DATA = \
+ p11-kit/p11-kit-remote.socket \
+ p11-kit/p11-kit-remote@.service
+
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = p11-kit/p11-kit-1.pc
@@ -108,6 +118,7 @@ example_DATA = p11-kit/pkcs11.conf.example
EXTRA_DIST += \
p11-kit/docs.h \
+ p11-kit/p11-kit-remote.socket \
$(NULL)
bin_PROGRAMS += p11-kit/p11-kit
diff --git a/p11-kit/p11-kit-remote.socket b/p11-kit/p11-kit-remote.socket
new file mode 100644
index 0000000..37a277b
--- /dev/null
+++ b/p11-kit/p11-kit-remote.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=PKCS#11 Remote Access Socket
+
+[Socket]
+Accept=true
+ListenStream=%t/p11-kit-remote
+SocketMode=0600
+
+[Install]
+WantedBy=sockets.target
diff --git a/p11-kit/p11-kit-remote@.service.in b/p11-kit/p11-kit-remote@.service.in
new file mode 100644
index 0000000..dd6d332
--- /dev/null
+++ b/p11-kit/p11-kit-remote@.service.in
@@ -0,0 +1,10 @@
+[Unit]
+Description=PKCS#11 Remote Access
+Documentation=man:p11-kit(8)
+Requires=p11-kit-remote.socket
+
+[Service]
+StandardInput=socket
+StandardOutput=socket
+StandardError=journal
+ExecStart=@libdir@/p11-kit/p11-kit-remote @libdir@/p11-kit-proxy.so