LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

request_key.2: Minor wording fixes 

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2016-10-20 21:41:20 +02:00
parent a2b148c3ef
commit e2eab9148d
1 changed files with 18 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
man2/request_key.2
View File

@ -21,26 +21,28 @@ request_key \- request a key from the kernel's key management facility
.fi .fi
.SH DESCRIPTION .SH DESCRIPTION
.BR request_key () .BR request_key ()
asks the kernel to find a key of the given attempts to find a key of the given
.I type .I type
that matches the specified with a description (name) that matches the specified
.I description .I description
and, if successful, to attach it to the nominated and, if successful, attaches it to the nominated
.I keyring .I keyring
and to return its serial number. and returns its serial number.
.P .P
.BR request_key () .BR request_key ()
first recursively searches all the keyrings attached to the calling process in first recursively searches for a matching key in all of the keyrings
the order thread-specific keyring, process-specific keyring and then session attached to the calling process.
keyring for a matching key. The keyrings are searched in the order: thread-specific keyring,
process-specific keyring, and then session keyring.
.P .P
If If
.BR request_key () .BR request_key ()
is called from a program invoked by is called from a program invoked by
.BR request_key () .BR request_key ()
on behalf of some other process to generate a key, then the keyrings of that on behalf of some other process to generate a key, then the keyrings of that
other process will be searched next, using that other process's UID, GID, other process will be searched next,
groups, and security context to control access. using that other process's user ID, group ID,
supplementary group IDs, and security context to control access.
.P .P
The keys in each keyring searched are checked for a match before any child The keys in each keyring searched are checked for a match before any child
keyrings are recursed into. keyrings are recursed into.
@ -52,11 +54,11 @@ keyrings may be searched.
.P .P
If the key is not found, then, if If the key is not found, then, if
.I callout_info .I callout_info
is set, this function will attempt to look further afield. is not NULL, this function will attempt to look further afield.
In such a case, the In such a case, the
.I callout_info .I callout_info
is passed to a user-space service such as is passed to a user-space service such as
.B /sbin/request\-key .I /sbin/request\-key
to generate the key. to generate the key.
.P .P
If that is unsuccessful also, then an error will be returned, and a temporary If that is unsuccessful also, then an error will be returned, and a temporary
@ -70,7 +72,7 @@ to fail until it does.
The The
.I keyring .I keyring
serial number may be that of a valid keyring to which the caller has write serial number may be that of a valid keyring to which the caller has write
permission, or it may be a special keyring ID: permission, or it may be one of the following special keyring IDs:
.TP .TP
.B KEY_SPEC_THREAD_KEYRING .B KEY_SPEC_THREAD_KEYRING
This specifies the caller's thread-specific keyring. This specifies the caller's thread-specific keyring.
@ -92,11 +94,12 @@ will displace any other key of the same type and description from the
destination destination
.IR keyring . .IR keyring .
.SH RETURN VALUE .SH RETURN VALUE
On success On success,
.BR request_key () .BR request_key ()
returns the serial number of the key it found. returns the serial number of the key it found.
On error, the value \-1 On error, \-1 is returned and
will be returned and errno will have been set to an appropriate error. .I errno
is set to indicate the cause of the error.
.SH ERRORS .SH ERRORS
.TP .TP
.B EACCES .B EACCES