keyctl.2: Improve KEYCTL_REJECT description

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-02-10 10:58:07 +01:00 · 2017-02-10 10:58:07 +01:00 · ebf4eb2834
parent 4e23dce354
commit ebf4eb2834
1 changed files with 8 additions and 4 deletions
--- a/man2/keyctl.2
+++ b/man2/keyctl.2
@ -1253,11 +1253,15 @@ program.
 See
 .BR request_key (2).

-Negatively instantiated keys are used to rate limit repeated
+The caller must have the appropriate authorization key,
+and once the uninstantiated key has been instantiated,
+the authorization key is revoked.
+In other words, this operation is available only from a
+.BR request-key (8)-style
+program.
+See
 .BR request_key (2)
-calls by causing them to return the error specified (in
-.IR arg4 )
-until the negatively instantiated key expires.
+for an explanation of uninstantiated keys and key instantiation.

 This operation is exposed by
 .I libkeyutils