keyrings.7: Document /proc files that define key quotas

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2016-11-03 19:41:01 +01:00
parent baf69887a2
commit 5b0a63f609
1 changed files with 39 additions and 8 deletions

@ -431,16 +431,47 @@ See
and
.BR request-key.conf (5)
for more information.
.SS /proc files
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.\" FIXME document /proc files
.\" /proc/keys
.\" /proc/key-users
.\" /proc/sys/kernel/keys/gc_delay
.\" /proc/sys/kernel/keys/maxbytes
.\" /proc/sys/kernel/keys/maxkeys
.\" /proc/sys/kernel/keys/persistent_keyring_expiry
.\" /proc/sys/kernel/keys/root_maxbytes
.\" /proc/sys/kernel/keys/root_maxkeys
.PP
The following files (which are writable by privileged processies)
are used to enforce quotas on the number of keys
and number of bytes of data that can be stored in key payloads:
.TP
.IR /proc/sys/kernel/keys/maxbytes " (since Linux 2.6.26)"
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
.\" Previously: KEYQUOTA_MAX_BYTES 10000
This is the maximum number of bytes of data that a nonroot user
can hold in the payloads of the keys owned by the user.
The default value in this file is 20,000.
.TP
.IR /proc/sys/kernel/keys/maxkeys " (since Linux 2.6.26)"
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
.\" Previously: KEYQUOTA_MAX_KEYS 100
This is the maximum number of keys that a nonroot user may own.
The default value in this file is 200.
.TP
.IR /proc/sys/kernel/keys/root_maxbytes " (since Linux 2.6.26)"
This is the maximum number of bytes of data that the root user
(UID 0 in the root user namespace)
can hold in the payloads of the keys owned by root.
The default value in this file is 25,000,000.
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
.TP
.IR /proc/sys/kernel/keys/root_maxkeys " (since Linux 2.6.26)"
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
This is the maximum number of keys that the root user
(UID 0 in the root user namespace)
may own.
The default value in this file is 1,000,000.
.PP
With respect to keyrings,
note that each link in a keyring consumes 4 bytes of the keyring payload.
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SS Users
The Linux key-management facility has a number of users and usages,
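Review bot: The sentence introducing the quota files has a typo, "privileged processies" should read "privileged processes", and "privileged" would be more useful to an administrator if it named the capability or ownership that write access actually requires. In the root_maxbytes entry the `.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4` comment sits after the description text, while the other three entries place it directly after the `.IR` line; moving it up keeps the four entries consistent. The text says these files "are used to enforce quotas" but does not say what a caller sees when a quota is exceeded; a sentence naming the resulting error would help readers who are diagnosing failed key creation. The closing note that each keyring link consumes 4 bytes of payload could also state explicitly that those bytes count against the maxbytes and root_maxbytes limits, if that is the intent.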