mirror of https://github.com/mkerrisk/man-pages
keyctl.2: Document the KEYCTL_RESTRICT_KEYRING operation
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
parent 8a351f8497
commit 54d5a1c72b
@ -1543,6 +1543,60 @@ and should contain zeroes since Linux 4.13.
.IP
The KDF implementation complies with SP800-56A as well
as with SP800-108 (the counter KDF).
.TP
.BR KEYCTL_RESTRICT_KEYRING " (since Linux 4.12)"
.\" commit 6563c91fd645556c7801748f15bc727c77fcd311
.\" commit 7228b66aaf723a623e578aa4db7d083bb39546c9
Apply a key linking restriction to a keyring with the ID provided in
.IR arg2 .
(cast to
.IR key_serial_t ).
The caller must have
.IR setattr
permission on the key.
If
.I arg3
is NULL, any attempt to add a key to the keyring is blocked;
otherwise it contains a pointer to a string with a key type name and
.I arg4
contains a pointer to string that describes the type-specific restriction.
As of Linux 4.12, only type "asymmetric" has the restrictions defined:
.RS
.TP
.B builtin_trusted
Allows only keys that are signed by a key linked to the builtin keyring
(".builtin_trusted_keys").
.TP
.B builtin_and_secondary_trusted
Allows only keys that are signed by a key linked to the secondary keyring
(".secondary_trusted_keys") or, by extension, a key in builtin keyring,
as the latter is linked to the former.
.TP
.BI key_or_keyring: key
.TQ
.BI key_or_keyring: key :chain
If
.I key
specifies ID of a key of type "asymmetric", then only keys that are signed
by this key are allowed.
.IP
If
.I key
specifies ID of a keyring, then only keys that are signed by a key linked
to this keyring are allowed.
.IP
If ":chain" is specified, keys that are signed by a keys linked to the
destination keyring (that is, the keyring with ID specified in the
.I arg2
argument) are also allowed.
.RE
.IP
Note that a restriction can be configured only once for the specific keyring;
once it is set, it can't be overridden.
.IP
The argument
.I arg5
is ignored.
.SH RETURN VALUE
For a successful call, the return value depends on the operation:
.TP
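Review bot: "The caller must have setattr permission on the key" is wrong for this operation: the object named by arg2 is a keyring, so it should read "permission on the keyring" (and `.IR setattr` with a single argument should be `.I setattr`, as the page does elsewhere). In the same hunk the ":chain" paragraph has a typo, "keys that are signed by a keys linked to the destination keyring", which should be "by a key linked to"; "contains a pointer to string that describes" needs an article ("a pointer to a string"); and the parenthetical "(cast to key_serial_t)." follows the full stop on the `.IR arg2 .` line, so either drop that full stop so the cast reads as part of the sentence or close the parenthetical before it. "specifies ID of a key" / "specifies ID of a keyring" should be "specifies the ID of". Finally, "has the restrictions defined" would read better as "has restrictions defined".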
@ -1610,10 +1664,24 @@ was
.BR KEYCTL_LINK
and the requested link would result in a cycle.
.TP
.B EDEADLK
.I operation
was
.BR KEYCTL_RESTRICT_KEYRING
and the requested keyring restriction would result in a cycle.
.TP
.B EDQUOT
The key quota for the caller's user would be exceeded by creating a key or
linking it to the keyring.
.TP
.B EEXIST
.I operation
was
.BR KEYCTL_RESTRICT_KEYRING
and keyring provided in
.I arg2
argument already has a restriction set.
.TP
.B EFAULT
.I operation
was
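Review bot: The EEXIST text drops its articles, "and keyring provided in arg2 argument already has a restriction set", and should read "and the keyring provided in the arg2 argument already has a restriction set". In both the new EDEADLK and EEXIST entries `.BR KEYCTL_RESTRICT_KEYRING` is used with a single argument; the page's convention for a bare bold name is `.B` (compare `.B EDQUOT` here and `.B KEYCTL_RESTRICT_KEYRING` in the ENOENT entry of the next hunk), with `.BR` reserved for cases where roman punctuation follows.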
@ -1781,6 +1849,14 @@ pointed by
.I arg5
argument hasn't been found.
.TP
.B ENOENT
.I operation
was
.B KEYCTL_RESTRICT_KEYRING
and the type provided in
.I arg3
argument doesn't support setting key linking restrictions.
.TP
.B ENOKEY
No matching key was found or an invalid key was specified.
.TP
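Review bot: The new ENOENT entry is missing an article and uses a contraction that the surrounding ERRORS entries (for example "does not support updating" under KEYCTL_UPDATE) avoid: "and the type provided in arg3 argument doesn't support setting key linking restrictions" should be "and the type provided in the arg3 argument does not support key linking restrictions".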
@ -1817,6 +1893,17 @@ was
.B KEYCTL_UPDATE
and the key type does not support updating.
.TP
.B EOPNOTSUPP
.I operation
was
.BR KEYCTL_RESTRICT_KEYRING ,
the type provided in
.I arg3
argument was "asymmetric", and the key specified in the restriction specification
provided in
.I arg4
has type other than "asymmetric" or "keyring".
.TP
.B EPERM
.I operation
was
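Review bot: The EOPNOTSUPP sentence is hard to parse ("the key specified in the restriction specification provided in arg4 has type other than"); suggest "the type provided in the arg3 argument was "asymmetric", and the key named in the restriction string in arg4 is of a type other than "asymmetric" or "keyring"". The line "argument was "asymmetric", and the key specified in the restriction specification" also runs well past the line length used elsewhere in the page and should be broken at a sentence boundary, as man-pages source does.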