keyrings.7: Tweaks after discussions with David Howells

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2016-11-03 21:26:37 +01:00
parent 424fb6a6bb
commit abb8dc5850
1 changed files with 17 additions and 9 deletions

@ -434,6 +434,9 @@ and
for more information. for more information.
.\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SS /proc files .SS /proc files
The kernel provides various
.I /proc
files that expose information about keys or define limits on key usage.
.TP .TP
.IR /proc/keys " (since Linux 2.6.10)" .IR /proc/keys " (since Linux 2.6.10)"
This file exposes a list of the keys that This file exposes a list of the keys that
@ -495,8 +498,10 @@ The key has been invalidated.
.RE .RE
.TP .TP
Usage Usage
[To be documented] This is a count of the number of kernel credential
.\" FIXME What is "Usage"? structures that are pinning the key
(aproximately: the number of threads and open file references
that refer to this key).
.TP .TP
Timeout Timeout
The amount of time until the key will expire, The amount of time until the key will expire,
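Review bot: "aproximately" in the added Usage text is misspelled and should read "approximately". The term "pinning" is also used without explanation; a few words saying that a pinned key cannot be freed while the count is nonzero would make the parenthetical easier to follow for readers who do not know the kernel's credential structures.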
@ -517,6 +522,8 @@ The user ID of the key owner.
.TP .TP
GID GID
The group ID of the key. The group ID of the key.
The value \-1 here means that the key as no group ID;
this can occur in certain circumstances for keys created by the kernel.
.TP .TP
Type Type
The key type (user, keyring, etc.) The key type (user, keyring, etc.)
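Review bot: In the added GID sentence, "the key as no group ID" should read "the key has no group ID". "In certain circumstances" gives the reader nothing to go on; if the circumstances can be named in a few words, someone inspecting /proc/keys output can tell whether a \-1 they see is expected.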
@ -532,10 +539,6 @@ while keyrings show the number of keys linked to the keyring,
or the string or the string
.IR empty .IR empty
if there are no keys linked to the keyring. if there are no keys linked to the keyring.
.TP
???
[To be documented]
.\" FIXME What is the last piece after the colon?
.RE .RE
.TP .TP
.IR /proc/key-users " (since Linux 2.6.10)" .IR /proc/key-users " (since Linux 2.6.10)"
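Review bot: The removed "???" entry carried the FIXME asking what the last piece after the colon is, and the hunk adds no text in its place. If the preceding entry (the one ending with the "empty" case for keyrings) already describes everything after the colon, it would help to say so in that entry; otherwise the question the FIXME posed is dropped without an answer on the page.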
@ -558,8 +561,8 @@ The fields shown in each line are as follows:
The user ID. The user ID.
.TP .TP
.I usage .I usage
[To be documented] This is a kernel-internal usage count for the kernel structure
.\" FIXME What does 'usage' show us? used to record key users.
.TP .TP
.IR nkeys / nikeys .IR nkeys / nikeys
The total number of keys owned by the user, The total number of keys owned by the user,
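Review bot: The new text for the usage field says only that it is a kernel-internal count, which leaves the reader unsure whether the value matters to them. Since the Usage column of /proc/keys is explained in this same patch in terms of threads and open file references, a clause here stating how, if at all, this count relates to the nkeys/nikeys figures that follow would keep the two "usage" fields from being confused.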
@ -578,7 +581,12 @@ and the upper limit on the number of bytes in key payloads for that user.
.\" commit 5d135440faf7db8d566de0c6fab36b16cf9cfc3b .\" commit 5d135440faf7db8d566de0c6fab36b16cf9cfc3b
The value in this file specifies the interval, in seconds, The value in this file specifies the interval, in seconds,
after which revoked and expired keys will be garbage collected. after which revoked and expired keys will be garbage collected.
.\" FIXME What is the purpose of the GC delay? The purpose of having such an interval is so that there is a window
of time where user space can see an error (respectively
.BR EKEYREVOKED
and
.BR EKEYEXPIRED )
that indicates what happened to the key.
The default value in this file is 300 (i.e., 5 minutes). The default value in this file is 300 (i.e., 5 minutes).
.TP .TP
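Review bot: The added line ".BR EKEYREVOKED" passes a single argument to an alternating-font macro; the page uses ".I usage" for single arguments and ".IR nkeys / nikeys" for alternating ones, so ".B EKEYREVOKED" would match that convention (".BR EKEYEXPIRED )" is correct as written). The sentence would also read more easily as "a window of time during which user space can see an error", with the two error names mapped explicitly to revoked and expired keys instead of relying on "respectively" inside a parenthesis.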