SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from Fedora 21 keyutils-libs-1.5.9-4.fc21.i686.rpm

PERSISTENT KEYRING

Section: Kernel key management (7)
Updated: 20 Feb 2014
Index 

NAME

persistent keyring - Per-user persistent keyring 

DESCRIPTION

Thepersistent keyringis a keyring used to anchor keys on behalf of a user. Each UID the kerneldeals with has its own persistent keyring that is shared between all threadsowned by that UID.The persistent keyring is created on demand when a thread requests it. Thekeyring's expiration timer is reset every time it is accessed to the value in:
/proc/sys/kernel/keys/persistent_keyring_expiryThe persistent keyring is not searched by request_key() unless it isreferred to by a keyring that is.The persistent keyring may not be accessed directly, even by processes withthe appropriate UID. Instead it must be linked to one of a process's keyringsfirst before that keyring can access it by virtue of its possessor permits.This is done with keyctl_get_persistent().Persistent keyrings are independent of clone(), fork(), vfork(), execve() andexit(). They persist until their expiration timers trigger - at which pointthey are garbage collected. This allows them to carry keys beyond the life ofthe kernel's record of the corresponding UID (the destruction of which resultsin the destruction of the user and user session keyrings).If a persistent keyring does not exist when it is accessed, it will becreated.
 

SPECIAL OPERATIONS

The keyutils library provides a special operation for manipulating persistentkeyrings:
keyctl_get_persistent()
This operation allows the caller to get the persistent keyring correspondingto their own UID or, if they have CAP_SETUID, the persistent keyringcorresponding to some other UID in the same user namespace.
 

SEE ALSO

keyctl(1),
keyctl(3),
keyctl_get_persistent(3),
keyrings(7),
process-keyring(7),
session-keyring(7),
thread-keyring(7),
user-keyring(7),
user-session-keyring(7)


 

Index

NAME
DESCRIPTION
SPECIAL OPERATIONS
SEE ALSO

This document was created byman2html,using the manual pages.