2010-02-25 07:29:42 +00:00
|
|
|
.\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
|
|
|
|
.\" Written by David Howells (dhowells@redhat.com)
|
|
|
|
.\"
|
2013-03-10 09:29:47 +00:00
|
|
|
.\" %%%LICENSE_START(GPLv2+_SW_ONEPARA)
|
2010-02-25 07:29:42 +00:00
|
|
|
.\" This program is free software; you can redistribute it and/or
|
|
|
|
.\" modify it under the terms of the GNU General Public License
|
|
|
|
.\" as published by the Free Software Foundation; either version
|
|
|
|
.\" 2 of the License, or (at your option) any later version.
|
2013-03-10 09:28:55 +00:00
|
|
|
.\" %%%LICENSE_END
|
2010-02-25 07:29:42 +00:00
|
|
|
.\"
|
2012-05-26 12:47:43 +00:00
|
|
|
.\" FIXME Document KEYCTL_REJECT (new in 2.6.39)
|
|
|
|
.\" commit fdd1b94581782a2ddf9124414e5b7a5f48ce2f9c
|
2014-01-22 09:54:09 +00:00
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
2012-05-26 12:47:43 +00:00
|
|
|
.\" Documentation/security/keys.txt
|
|
|
|
.\" FIXME Document KEYCTL_INSTANTIATE_IOV (new in 2.6.39)
|
|
|
|
.\" commit ee009e4a0d4555ed522a631bae9896399674f064
|
2014-01-22 09:54:09 +00:00
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
2012-05-26 12:47:43 +00:00
|
|
|
.\" Documentation/security/keys.txt
|
|
|
|
.\" FIXME Document KEYCTL_INVALIDATE (new in 3.5)
|
|
|
|
.\" commit fd75815f727f157a05f4c96b5294a4617c0557da
|
2014-01-22 09:54:09 +00:00
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
2012-05-26 12:47:43 +00:00
|
|
|
.\" Documentation/security/keys.txt
|
2014-01-22 09:54:09 +00:00
|
|
|
.\" FIXME Document KEYCTL_GET_PERSISTENT (new in 3.13)
|
|
|
|
.\" commit f36f8c75ae2e7d4da34f4c908cebdb4aa42c977e
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
2012-05-26 12:47:43 +00:00
|
|
|
.\"
|
2014-01-22 09:55:00 +00:00
|
|
|
.TH KEYCTL 2 2014-01-22 Linux "Linux Key Management Calls"
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH NAME
|
intro.1, add_key.2, get_mempolicy.2, get_thread_area.2, intro.2, keyctl.2, mbind.2, request_key.2, set_thread_area.2, clock.3, cmsg.3, getcwd.3, getpw.3, intro.3, malloc.3, posix_memalign.3, shm_open.3, sleep.3, sysconf.3, intro.4, sd.4, intro.5, locale.5, slabinfo.5, intro.6, boot.7, bootparam.7, futex.7, glob.7, hier.7, intro.7, libc.7, locale.7, mq_overview.7, netlink.7, sem_overview.7, shm_overview.7, unix.7, intro.8: Global fix: Use consistent capitalization in NAME section
The line(s) in the NAME section should only use capitals
where English usage dictates that. Otherwise, use
lowercase throughout.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2012-10-21 06:29:13 +00:00
|
|
|
keyctl \- manipulate the kernel's key management facility
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH SYNOPSIS
|
|
|
|
.nf
|
|
|
|
.B #include <keyutils.h>
|
|
|
|
.sp
|
|
|
|
.BI "long keyctl(int " cmd ", ...);"
|
add_key.2, keyctl.2, request_key.2, offsetof.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_attr_setdetachstate.3, pthread_attr_setguardsize.3, pthread_attr_setinheritsched.3, pthread_attr_setschedparam.3, pthread_attr_setschedpolicy.3, pthread_attr_setscope.3, pthread_attr_setstackaddr.3, pthread_attr_setstacksize.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_cleanup_push_defer_np.3, pthread_equal.3, pthread_exit.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_self.3, pthread_setaffinity_np.3, pthread_setcancelstate.3, pthread_setconcurrency.3, pthread_setschedparam.3, pthread_setschedprio.3, pthread_testcancel.3: Global formatting fix: balance .nf/.fi pairs
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2012-03-12 15:37:22 +00:00
|
|
|
.fi
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH DESCRIPTION
|
|
|
|
.BR keyctl ()
|
|
|
|
has a number of functions available:
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_GET_KEYRING_ID
|
2010-02-25 07:29:42 +00:00
|
|
|
Ask for a keyring's ID.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_JOIN_SESSION_KEYRING
|
2010-02-25 07:29:42 +00:00
|
|
|
Join or start named session keyring.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_UPDATE
|
2010-02-25 07:29:42 +00:00
|
|
|
Update a key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_REVOKE
|
2010-02-25 07:29:42 +00:00
|
|
|
Revoke a key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_CHOWN
|
2010-02-25 07:29:42 +00:00
|
|
|
Set ownership of a key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_SETPERM
|
2010-02-25 07:29:42 +00:00
|
|
|
Set perms on a key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_DESCRIBE
|
2010-02-25 07:29:42 +00:00
|
|
|
Describe a key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_CLEAR
|
2010-02-25 07:29:42 +00:00
|
|
|
Clear contents of a keyring.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_LINK
|
2010-02-25 07:29:42 +00:00
|
|
|
Link a key into a keyring.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_UNLINK
|
2010-02-25 07:29:42 +00:00
|
|
|
Unlink a key from a keyring.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_SEARCH
|
2010-02-25 07:29:42 +00:00
|
|
|
Search for a key in a keyring.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_READ
|
2010-02-25 07:29:42 +00:00
|
|
|
Read a key or keyring's contents.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_INSTANTIATE
|
2010-02-25 07:29:42 +00:00
|
|
|
Instantiate a partially constructed key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_NEGATE
|
2010-02-25 07:29:42 +00:00
|
|
|
Negate a partially constructed key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_SET_REQKEY_KEYRING
|
2010-02-25 07:29:42 +00:00
|
|
|
Set default request-key keyring.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_SET_TIMEOUT
|
2010-02-25 07:29:42 +00:00
|
|
|
Set timeout on a key.
|
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_ASSUME_AUTHORITY
|
2010-02-25 07:29:42 +00:00
|
|
|
Assume authority to instantiate key.
|
|
|
|
.P
|
|
|
|
These are wrapped by
|
|
|
|
.B libkeyutils
|
|
|
|
into individual functions to permit compiler the compiler to check types.
|
|
|
|
See the
|
|
|
|
.B See Also
|
|
|
|
section at the bottom.
|
|
|
|
.SH RETURN VALUE
|
|
|
|
On success
|
|
|
|
.BR keyctl ()
|
|
|
|
returns the serial number of the key it found.
|
2013-02-11 21:44:14 +00:00
|
|
|
On error, the value \-1
|
2010-02-25 07:29:42 +00:00
|
|
|
will be returned and errno will have been set to an appropriate error.
|
|
|
|
.SH ERRORS
|
|
|
|
.TP
|
2010-11-01 06:18:03 +00:00
|
|
|
.B EACCES
|
|
|
|
A key operation wasn't permitted.
|
|
|
|
.TP
|
|
|
|
.B EDQUOT
|
|
|
|
The key quota for the caller's user would be exceeded by creating a key or
|
|
|
|
linking it to the keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
|
|
|
.B EKEYEXPIRED
|
|
|
|
An expired key was found or specified.
|
|
|
|
.TP
|
|
|
|
.B EKEYREJECTED
|
|
|
|
A rejected key was found or specified.
|
|
|
|
.TP
|
2010-11-01 06:18:03 +00:00
|
|
|
.B EKEYREVOKED
|
|
|
|
A revoked key was found or specified.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2010-11-01 06:18:03 +00:00
|
|
|
.B ENOKEY
|
|
|
|
No matching key was found or an invalid key was specified.
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH LINKING
|
|
|
|
Although this is a Linux system call, it is not present in
|
|
|
|
.I libc
|
|
|
|
but can be found rather in
|
|
|
|
.IR libkeyutils .
|
|
|
|
When linking,
|
|
|
|
.B -lkeyutils
|
|
|
|
should be specified to the linker.
|
|
|
|
.SH SEE ALSO
|
2012-09-25 04:05:33 +00:00
|
|
|
.ad l
|
|
|
|
.nh
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl (1),
|
|
|
|
.BR add_key (2),
|
|
|
|
.BR request_key (2),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_set_timeout (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_chown (3),
|
|
|
|
.BR keyctl_clear (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_describe (3),
|
|
|
|
.BR keyctl_describe_alloc (3),
|
|
|
|
.BR keyctl_get_keyring_ID (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_instantiate (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_join_session_keyring (3),
|
|
|
|
.BR keyctl_link (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_negate (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_revoke (3),
|
|
|
|
.BR keyctl_search (3),
|
|
|
|
.BR keyctl_setperm (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_set_reqkey_keyring (3),
|
|
|
|
.BR keyctl_set_timeout (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_read (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_read_alloc (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_unlink (3),
|
|
|
|
.BR keyctl_update (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR request-key (8)
|
2014-01-22 09:55:00 +00:00
|
|
|
|
|
|
|
The kernel source file
|
|
|
|
.IR Documentation/security/keys.txt .
|