MAN page from Fedora 19 keyutils-libs-1.5.9-1.fc19.i686.rpm
USER SESSION KEYRING
Section: Kernel key management (7)
Updated: 20 Feb 2014Index
user session keyring - Per-user default session keyring
Theuser session keyring
is a keyring used to anchor keys on behalf of a user. Each UID the kerneldeals with has its own user session keyring. This keyring is associated withthe record that the kernel maintains for the UID and, once created, is retainedas long as that record persists. It is shared amongst all processes of thatUID.The user session keyring is created on demand when a thread requests it or whena thread asks for its session keyring
and that doesn't exist. In thelatter case, a user session keyring will be created and, if the session keyringwasn't to be created, the user session keyring will be set as the process'sactual session keyring.The user session keyring is searched by request_key
() if the actualsession keyring does not exist and is ignored otherwise.A special serial number value, KEY_SPEC_USER_SESSION_KEYRING
, is definedthat can be used in lieu of the calling process's user session keyring's actualserial number.From the keyctl utility, '@us
' can be used instead of a numeric key ID inmuch the same way.User session keyrings are independent of clone(), fork(), vfork(), execve() andexit() excepting that the keyring is destroyed when the UID record is destroyedwhen the last process pinning it exits.If a user session keyring does not exist when it is accessed, it will becreated.It is strongly recommended that a session keyring
be set explicitly, forexample by pam_keyinit
, rather than relying on the user session keyring -particularly if a process is running as root.
- SEE ALSO
This document was created byman2html,using the manual pages.