keyrings.7: Document /proc files that define key quotas

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2016-11-03 19:41:01 +01:00
parent baf69887a2
commit 5b0a63f609
1 changed files with 39 additions and 8 deletions

@ -431,16 +431,47 @@ See
and and
.BR request-key.conf (5) .BR request-key.conf (5)
for more information. for more information.
.SS /proc files
.\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.\" FIXME document /proc files .\" FIXME document /proc files
.\" /proc/keys .PP
.\" /proc/key-users The following files (which are writable by privileged processies)
.\" /proc/sys/kernel/keys/gc_delay are used to enforce quotas on the number of keys
.\" /proc/sys/kernel/keys/maxbytes and number of bytes of data that can be stored in key payloads:
.\" /proc/sys/kernel/keys/maxkeys .TP
.\" /proc/sys/kernel/keys/persistent_keyring_expiry .IR /proc/sys/kernel/keys/maxbytes " (since Linux 2.6.26)"
.\" /proc/sys/kernel/keys/root_maxbytes .\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
.\" /proc/sys/kernel/keys/root_maxkeys .\" Previously: KEYQUOTA_MAX_BYTES 10000
This is the maximum number of bytes of data that a nonroot user
can hold in the payloads of the keys owned by the user.
The default value in this file is 20,000.
.TP
.IR /proc/sys/kernel/keys/maxkeys " (since Linux 2.6.26)"
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
.\" Previously: KEYQUOTA_MAX_KEYS 100
This is the maximum number of keys that a nonroot user may own.
The default value in this file is 200.
.TP
.IR /proc/sys/kernel/keys/root_maxbytes " (since Linux 2.6.26)"
This is the maximum number of bytes of data that the root user
(UID 0 in the root user namespace)
can hold in the payloads of the keys owned by root.
The default value in this file is 25,000,000.
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
.TP
.IR /proc/sys/kernel/keys/root_maxkeys " (since Linux 2.6.26)"
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
This is the maximum number of keys that the root user
(UID 0 in the root user namespace)
may own.
The default value in this file is 1,000,000.
.PP
With respect to keyrings,
note that each link in a keyring consumes 4 bytes of the keyring payload.
.\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SS Users .SS Users
The Linux key-management facility has a number of users and usages, The Linux key-management facility has a number of users and usages,
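Review bot: The commented list under the FIXME at the top of the new section is deleted in full, but only the four quota files (maxbytes, maxkeys, root_maxbytes, root_maxkeys) are documented here, so the record of what is still undocumented (/proc/keys, /proc/key-users, gc_delay, persistent_keyring_expiry) is lost while the bare "FIXME document /proc files" line stays. Suggest keeping those four names as comment lines under the FIXME until they are covered. Also in the added introductory paragraph, "privileged processies" should read "privileged processes". For consistency, the commit-reference comment in the root_maxbytes entry sits after the description text, while the other three entries place it directly after the .IR line; moving it up would match them.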