2010-02-25 07:29:42 +00:00
|
|
|
.\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
|
|
|
|
|
.\" Written by David Howells (dhowells@redhat.com)
|
|
|
|
|
.\"
|
2013-03-10 09:29:47 +00:00
|
|
|
.\" %%%LICENSE_START(GPLv2+_SW_ONEPARA)
|
2010-02-25 07:29:42 +00:00
|
|
|
.\" This program is free software; you can redistribute it and/or
|
|
|
|
|
.\" modify it under the terms of the GNU General Public License
|
|
|
|
|
.\" as published by the Free Software Foundation; either version
|
|
|
|
|
.\" 2 of the License, or (at your option) any later version.
|
2013-03-10 09:28:55 +00:00
|
|
|
.\" %%%LICENSE_END
|
2010-02-25 07:29:42 +00:00
|
|
|
.\"
|
2016-10-08 10:48:46 +00:00
|
|
|
.\" FIXME Document KEYCTL_GET_SECURITY (new in 2.6.26)
|
|
|
|
|
.\" commit 70a5bb72b55e82fbfbf1e22cae6975fac58a1e2d
|
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
|
|
|
|
.\" Date: Tue Apr 29 01:01:26 2008 -0700
|
|
|
|
|
.\" FIXME Document KEYCTL_SESSION_TO_PARENT (new in 2.6.32)
|
|
|
|
|
.\" commit ee18d64c1f632043a02e6f5ba5e045bb26a5465f
|
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
|
|
|
|
.\" Date: Wed Sep 2 09:14:21 2009 +0100
|
|
|
|
|
.\" FIXME Document KEYCTL_REJECT (new in 2.6.39)
|
|
|
|
|
.\" commit fdd1b94581782a2ddf9124414e5b7a5f48ce2f9c
|
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
|
|
|
|
.\" Documentation/security/keys.txt
|
|
|
|
|
.\" FIXME Document KEYCTL_INSTANTIATE_IOV (new in 2.6.39)
|
|
|
|
|
.\" commit ee009e4a0d4555ed522a631bae9896399674f064
|
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
|
|
|
|
.\" Documentation/security/keys.txt
|
|
|
|
|
.\" FIXME Document KEYCTL_INVALIDATE (new in 3.5)
|
|
|
|
|
.\" commit fd75815f727f157a05f4c96b5294a4617c0557da
|
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
|
|
|
|
.\" Documentation/security/keys.txt
|
|
|
|
|
.\" FIXME Document KEYCTL_GET_PERSISTENT (new in 3.13)
|
|
|
|
|
.\" commit f36f8c75ae2e7d4da34f4c908cebdb4aa42c977e
|
|
|
|
|
.\" Author: David Howells <dhowells@redhat.com>
|
|
|
|
|
.\"
|
add_key.2, chown.2, epoll_ctl.2, epoll_wait.2, execve.2, fcntl.2, get_mempolicy.2, getxattr.2, ioctl.2, keyctl.2, listxattr.2, mkdir.2, mknod.2, mmap.2, msync.2, nfsservctl.2, open.2, prctl.2, removexattr.2, request_key.2, sendfile.2, set_mempolicy.2, setxattr.2, shmget.2, shutdown.2, sigaction.2, syslog.2, truncate.2, umask.2, CPU_SET.3, atexit.3, bsearch.3, cmsg.3, err.3, gethostid.3, getmntent.3, getopt.3, iconv_close.3, inet_ntop.3, longjmp.3, lsearch.3, mcheck.3, on_exit.3, putpwent.3, regex.3, resolver.3, setbuf.3, setjmp.3, setlocale.3, setlogmask.3, sleep.3, strsignal.3, sysconf.3, undocumented.3, tty_ioctl.4, proc.5, resolv.conf.5, tzfile.5, aio.7, bootparam.7, capabilities.7, fanotify.7, inotify.7, ip.7, packet.7, pthreads.7, raw.7, signal.7, socket.7, unix.7, ld.so.8, nscd.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-05-07 06:26:32 +00:00
|
|
|
.TH KEYCTL 2 2015-05-07 Linux "Linux Key Management Calls"
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH NAME
|
intro.1, add_key.2, get_mempolicy.2, get_thread_area.2, intro.2, keyctl.2, mbind.2, request_key.2, set_thread_area.2, clock.3, cmsg.3, getcwd.3, getpw.3, intro.3, malloc.3, posix_memalign.3, shm_open.3, sleep.3, sysconf.3, intro.4, sd.4, intro.5, locale.5, slabinfo.5, intro.6, boot.7, bootparam.7, futex.7, glob.7, hier.7, intro.7, libc.7, locale.7, mq_overview.7, netlink.7, sem_overview.7, shm_overview.7, unix.7, intro.8: Global fix: Use consistent capitalization in NAME section
The line(s) in the NAME section should only use capitals
where English usage dictates that. Otherwise, use
lowercase throughout.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2012-10-21 06:29:13 +00:00
|
|
|
keyctl \- manipulate the kernel's key management facility
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH SYNOPSIS
|
|
|
|
|
.nf
|
|
|
|
|
.B #include <keyutils.h>
|
|
|
|
|
.sp
|
2016-10-08 10:48:46 +00:00
|
|
|
.BI "long keyctl(int " cmd ", ...);"
|
add_key.2, keyctl.2, request_key.2, offsetof.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_attr_setdetachstate.3, pthread_attr_setguardsize.3, pthread_attr_setinheritsched.3, pthread_attr_setschedparam.3, pthread_attr_setschedpolicy.3, pthread_attr_setscope.3, pthread_attr_setstackaddr.3, pthread_attr_setstacksize.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_cleanup_push_defer_np.3, pthread_equal.3, pthread_exit.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_self.3, pthread_setaffinity_np.3, pthread_setcancelstate.3, pthread_setconcurrency.3, pthread_setschedparam.3, pthread_setschedprio.3, pthread_testcancel.3: Global formatting fix: balance .nf/.fi pairs
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2012-03-12 15:37:22 +00:00
|
|
|
.fi
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH DESCRIPTION
|
|
|
|
|
.BR keyctl ()
|
2016-10-08 10:48:46 +00:00
|
|
|
has a number of functions available:
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_GET_KEYRING_ID
|
2016-10-08 10:48:46 +00:00
|
|
|
Ask for a keyring's ID.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_JOIN_SESSION_KEYRING
|
2016-10-08 10:48:46 +00:00
|
|
|
Join or start named session keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_UPDATE
|
2016-10-08 10:48:46 +00:00
|
|
|
Update a key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_REVOKE
|
2016-10-08 10:48:46 +00:00
|
|
|
Revoke a key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_CHOWN
|
2016-10-08 10:48:46 +00:00
|
|
|
Set ownership of a key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_SETPERM
|
2016-10-08 10:48:46 +00:00
|
|
|
Set perms on a key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_DESCRIBE
|
2016-10-08 10:48:46 +00:00
|
|
|
Describe a key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_CLEAR
|
2016-10-08 10:48:46 +00:00
|
|
|
Clear contents of a keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_LINK
|
2016-10-08 10:48:46 +00:00
|
|
|
Link a key into a keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_UNLINK
|
2016-10-08 10:48:46 +00:00
|
|
|
Unlink a key from a keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_SEARCH
|
2016-10-08 10:48:46 +00:00
|
|
|
Search for a key in a keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_READ
|
2016-10-08 10:48:46 +00:00
|
|
|
Read a key or keyring's contents.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_INSTANTIATE
|
2016-10-08 10:48:46 +00:00
|
|
|
Instantiate a partially constructed key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2012-03-20 17:24:41 +00:00
|
|
|
.B KEYCTL_NEGATE
|
2016-10-08 10:48:46 +00:00
|
|
|
Negate a partially constructed key.
|
2016-09-26 02:24:48 +00:00
|
|
|
.TP
|
2016-10-08 10:48:46 +00:00
|
|
|
.B KEYCTL_SET_REQKEY_KEYRING
|
|
|
|
|
Set default request-key keyring.
|
2016-09-26 02:24:48 +00:00
|
|
|
.TP
|
2016-10-08 10:48:46 +00:00
|
|
|
.B KEYCTL_SET_TIMEOUT
|
|
|
|
|
Set timeout on a key.
|
2016-09-26 02:24:48 +00:00
|
|
|
.TP
|
2016-10-08 10:48:46 +00:00
|
|
|
.B KEYCTL_ASSUME_AUTHORITY
|
|
|
|
|
Assume authority to instantiate key.
|
2010-02-25 07:29:42 +00:00
|
|
|
.P
|
|
|
|
|
These are wrapped by
|
|
|
|
|
.B libkeyutils
|
2016-08-07 18:19:44 +00:00
|
|
|
into individual functions (listed under SEE ALSO)
|
|
|
|
|
to permit the compiler to check types.
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH RETURN VALUE
|
2016-10-08 10:48:46 +00:00
|
|
|
On success
|
|
|
|
|
.BR keyctl ()
|
|
|
|
|
returns the serial number of the key it found.
|
|
|
|
|
On error, the value \-1
|
|
|
|
|
will be returned and errno will have been set to an appropriate error.
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH ERRORS
|
|
|
|
|
.TP
|
2010-11-01 06:18:03 +00:00
|
|
|
.B EACCES
|
|
|
|
|
A key operation wasn't permitted.
|
|
|
|
|
.TP
|
|
|
|
|
.B EDQUOT
|
|
|
|
|
The key quota for the caller's user would be exceeded by creating a key or
|
|
|
|
|
linking it to the keyring.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
|
|
|
|
.B EKEYEXPIRED
|
|
|
|
|
An expired key was found or specified.
|
|
|
|
|
.TP
|
|
|
|
|
.B EKEYREJECTED
|
|
|
|
|
A rejected key was found or specified.
|
|
|
|
|
.TP
|
2010-11-01 06:18:03 +00:00
|
|
|
.B EKEYREVOKED
|
|
|
|
|
A revoked key was found or specified.
|
2010-02-25 07:29:42 +00:00
|
|
|
.TP
|
2010-11-01 06:18:03 +00:00
|
|
|
.B ENOKEY
|
|
|
|
|
No matching key was found or an invalid key was specified.
|
2010-02-25 07:29:42 +00:00
|
|
|
.SH LINKING
|
|
|
|
|
Although this is a Linux system call, it is not present in
|
|
|
|
|
.I libc
|
|
|
|
|
but can be found rather in
|
|
|
|
|
.IR libkeyutils .
|
|
|
|
|
When linking,
|
|
|
|
|
.B -lkeyutils
|
|
|
|
|
should be specified to the linker.
|
|
|
|
|
.SH SEE ALSO
|
2012-09-25 04:05:33 +00:00
|
|
|
.ad l
|
|
|
|
|
.nh
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl (1),
|
|
|
|
|
.BR add_key (2),
|
|
|
|
|
.BR request_key (2),
|
|
|
|
|
.BR keyctl_chown (3),
|
|
|
|
|
.BR keyctl_clear (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_describe (3),
|
|
|
|
|
.BR keyctl_describe_alloc (3),
|
|
|
|
|
.BR keyctl_get_keyring_ID (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_instantiate (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_join_session_keyring (3),
|
|
|
|
|
.BR keyctl_link (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_negate (3),
|
2016-08-07 18:20:26 +00:00
|
|
|
.BR keyctl_read (3),
|
|
|
|
|
.BR keyctl_read_alloc (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_revoke (3),
|
|
|
|
|
.BR keyctl_search (3),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR keyctl_set_reqkey_keyring (3),
|
|
|
|
|
.BR keyctl_set_timeout (3),
|
2016-08-07 18:20:26 +00:00
|
|
|
.BR keyctl_setperm (3),
|
2012-09-25 04:00:07 +00:00
|
|
|
.BR keyctl_unlink (3),
|
|
|
|
|
.BR keyctl_update (3),
|
2015-04-22 12:04:54 +00:00
|
|
|
.BR keyrings (7),
|
2010-02-25 07:29:42 +00:00
|
|
|
.BR request-key (8)
|
2014-01-22 09:55:00 +00:00
|
|
|
|
|
|
|
|
The kernel source file
|
|
|
|
|
.IR Documentation/security/keys.txt .
|
