mirror of https://github.com/mkerrisk/man-pages
keyrings.7: Document /proc files that define key quotas
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
baf69887a2
commit
5b0a63f609
|
@ -431,16 +431,47 @@ See
|
||||||
and
|
and
|
||||||
.BR request-key.conf (5)
|
.BR request-key.conf (5)
|
||||||
for more information.
|
for more information.
|
||||||
|
.SS /proc files
|
||||||
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
|
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
|
||||||
.\" FIXME document /proc files
|
.\" FIXME document /proc files
|
||||||
.\" /proc/keys
|
.PP
|
||||||
.\" /proc/key-users
|
The following files (which are writable by privileged processies)
|
||||||
.\" /proc/sys/kernel/keys/gc_delay
|
are used to enforce quotas on the number of keys
|
||||||
.\" /proc/sys/kernel/keys/maxbytes
|
and number of bytes of data that can be stored in key payloads:
|
||||||
.\" /proc/sys/kernel/keys/maxkeys
|
.TP
|
||||||
.\" /proc/sys/kernel/keys/persistent_keyring_expiry
|
.IR /proc/sys/kernel/keys/maxbytes " (since Linux 2.6.26)"
|
||||||
.\" /proc/sys/kernel/keys/root_maxbytes
|
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
|
||||||
.\" /proc/sys/kernel/keys/root_maxkeys
|
.\" Previously: KEYQUOTA_MAX_BYTES 10000
|
||||||
|
This is the maximum number of bytes of data that a nonroot user
|
||||||
|
can hold in the payloads of the keys owned by the user.
|
||||||
|
|
||||||
|
The default value in this file is 20,000.
|
||||||
|
.TP
|
||||||
|
.IR /proc/sys/kernel/keys/maxkeys " (since Linux 2.6.26)"
|
||||||
|
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
|
||||||
|
.\" Previously: KEYQUOTA_MAX_KEYS 100
|
||||||
|
This is the maximum number of keys that a nonroot user may own.
|
||||||
|
|
||||||
|
The default value in this file is 200.
|
||||||
|
.TP
|
||||||
|
.IR /proc/sys/kernel/keys/root_maxbytes " (since Linux 2.6.26)"
|
||||||
|
This is the maximum number of bytes of data that the root user
|
||||||
|
(UID 0 in the root user namespace)
|
||||||
|
can hold in the payloads of the keys owned by root.
|
||||||
|
|
||||||
|
The default value in this file is 25,000,000.
|
||||||
|
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
|
||||||
|
.TP
|
||||||
|
.IR /proc/sys/kernel/keys/root_maxkeys " (since Linux 2.6.26)"
|
||||||
|
.\" commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
|
||||||
|
This is the maximum number of keys that the root user
|
||||||
|
(UID 0 in the root user namespace)
|
||||||
|
may own.
|
||||||
|
|
||||||
|
The default value in this file is 1,000,000.
|
||||||
|
.PP
|
||||||
|
With respect to keyrings,
|
||||||
|
note that each link in a keyring consumes 4 bytes of the keyring payload.
|
||||||
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
|
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
|
||||||
.SS Users
|
.SS Users
|
||||||
The Linux key-management facility has a number of users and usages,
|
The Linux key-management facility has a number of users and usages,
|
||||||
|
|
Loading…
Reference in New Issue