7. Miscellaneous (including macro packages and conventions)

Enter a Linux command to search for:

KEYRINGS

Section: Kernel key management (7)
Updated: 21 Feb 2014
Index  |  Return to Main Contents
 

NAME

keyutils - In-kernel key management utilities  

DESCRIPTION

The keyutils package is a library and a set of utilities for accessing the kernel keyrings facility.

A header file is supplied to provide the definitions and declarations required to access the library:

#include <keyutils.h>

To link with the library, the following:

-lkeyutils

should be specified to the linker.

Three system calls are provided:

add_key()
Supply a new key to the kernel.
request_key()
Find an existing key for use, or, optionally, create one if one does not exist.
keyctl()
Control a key in various ways. The library provides a variety of wrappers around this system call and those should be used rather than calling it directly.

See the add_key(2), request_key(2), and keyctl(2) manual pages for more information.

The keyctl() wrappers are listed on the keyctl(3) manual page.  

UTILITIES

A program is provided to interact with the kernel facility by a number of subcommands, e.g.:

keyctl add user foo bar @s

See the keyctl(1) manual page for information on that.

The kernel has the ability to upcall to userspace to fabricate new keys. This can be triggered by request_key(), but userspace is better off using add_key() instead if it possibly can.

The upcalling mechanism is usually routed via the:

request-key

program. What this does with any particular key is configurable in:

/etc/request-key.conf
/etc/request-key.d/

See the request-key.conf(5) and the request-key(8) manual pages for more information.  

SEE ALSO

keyrings(7),
pam_keyinit(8),
process-keyring(7),
session-keyring(7),
thread-keyring(7),
user-keyring(7),
user-session-keyring(7),
persistent-keyring(7)


 

Index

NAME
DESCRIPTION
UTILITIES
SEE ALSO

Return to Main Contents

Close

Search

Close

Share

Close

Dialog