MAN page from Fedora 23 keyutils-libs-1.5.9-7.fc23.i686.rpm
KEYRINGS
Section: Kernel key management (7)
Updated: 21 Feb 2014
Index NAME
keyutils - In-kernel key management utilities
DESCRIPTION
The
keyutilspackage is a library and a set of utilities for accessing the kernel
keyrings facility.A header file is supplied to provide the definitions and declarations requiredto access the library:
- #include <keyutils.h>
To link with the library, the following:
- -lkeyutils
should be specified to the linker.Three system calls are provided:
- add_key()
- Supply a new key to the kernel.
- request_key()
- Find an existing key for use, or, optionally, create one if one does not exist.
- keyctl()
- Control a key in various ways. The library provides a variety of wrappersaround this system call and those should be used rather than calling itdirectly.See theadd_key(2),request_key(2),andkeyctl(2)manual pages for more information.The keyctl() wrappers are listed on thekeyctl(3)manual page.
UTILITIES
A program is provided to interact with the kernel facility by a number ofsubcommands, e.g.:
- keyctl add user foo bar @s
See the
keyctl(1)manual page for information on that.The kernel has the ability to upcall to userspace to fabricate new keys. Thiscan be triggered by
request_key(), but userspace is better off using
add_key() instead if it possibly can.The upcalling mechanism is usually routed via the:
- request-key
program. What this does with any particular key is configurable in:
- /etc/request-key.conf
/etc/request-key.d/
See the
request-key.conf(5)and the
request-key(8)manual pages for more information.
SEE ALSO
keyrings(7),
pam_keyinit(8),
process-keyring(7),
session-keyring(7),
thread-keyring(7),
user-keyring(7),
user-session-keyring(7),
persistent-keyring(7)
Index
- NAME
- DESCRIPTION
- UTILITIES
- SEE ALSO
This document was created byman2html,using the manual pages.
