diff options
| author | Daiki Ueno <dueno@redhat.com> | 2018-01-19 15:22:16 +0100 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2018-02-05 10:49:35 +0100 |
| commit | 9616790b9ad4147acd5b11de11d6d79bc9ad807f (patch) | |
| tree | 01041110e78ded2799fc4e26607ba21a618ca5d2 /trust/token.h | |
| parent | 49d2ededb64197702a8708cb4a453497bc7eaecd (diff) | |
trust: Forcibly mark "Default Trust" read-only
The "Default Trust" token is typically mounted as $datadir, which is
considered as read-only on modern OSes.
Suggestd by Kai Engert in:
https://bugzilla.redhat.com/show_bug.cgi?id=1523630
Diffstat (limited to 'trust/token.h')
| -rw-r--r-- | trust/token.h | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/trust/token.h b/trust/token.h index 1180b27..87641d0 100644 --- a/trust/token.h +++ b/trust/token.h @@ -40,11 +40,17 @@ #include "parser.h" #include "pkcs11.h" +enum { + P11_TOKEN_FLAG_NONE = 0, + P11_TOKEN_FLAG_WRITE_PROTECTED = 1 << 0, +}; + typedef struct _p11_token p11_token; p11_token * p11_token_new (CK_SLOT_ID slot, const char *path, - const char *label); + const char *label, + int flags); void p11_token_free (p11_token *token); |