]>
Commit | Line | Data |
---|---|---|
4509c62e MK |
1 | .\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved. |
2 | .\" Written by David Howells (dhowells@redhat.com) | |
3 | .\" | |
23dbdcbe | 4 | .\" %%%LICENSE_START(GPLv2+_SW_ONEPARA) |
4509c62e MK |
5 | .\" This program is free software; you can redistribute it and/or |
6 | .\" modify it under the terms of the GNU General Public License | |
7 | .\" as published by the Free Software Foundation; either version | |
8 | .\" 2 of the License, or (at your option) any later version. | |
722b6788 | 9 | .\" %%%LICENSE_END |
4509c62e | 10 | .\" |
914ab995 MK |
11 | .\" FIXME Document KEYCTL_GET_SECURITY (new in 2.6.26) |
12 | .\" commit 70a5bb72b55e82fbfbf1e22cae6975fac58a1e2d | |
13 | .\" Author: David Howells <dhowells@redhat.com> | |
14 | .\" Date: Tue Apr 29 01:01:26 2008 -0700 | |
15 | .\" FIXME Document KEYCTL_SESSION_TO_PARENT (new in 2.6.32) | |
16 | .\" commit ee18d64c1f632043a02e6f5ba5e045bb26a5465f | |
17 | .\" Author: David Howells <dhowells@redhat.com> | |
18 | .\" Date: Wed Sep 2 09:14:21 2009 +0100 | |
19 | .\" FIXME Document KEYCTL_REJECT (new in 2.6.39) | |
20 | .\" commit fdd1b94581782a2ddf9124414e5b7a5f48ce2f9c | |
21 | .\" Author: David Howells <dhowells@redhat.com> | |
22 | .\" Documentation/security/keys.txt | |
23 | .\" FIXME Document KEYCTL_INSTANTIATE_IOV (new in 2.6.39) | |
24 | .\" commit ee009e4a0d4555ed522a631bae9896399674f064 | |
25 | .\" Author: David Howells <dhowells@redhat.com> | |
26 | .\" Documentation/security/keys.txt | |
27 | .\" FIXME Document KEYCTL_INVALIDATE (new in 3.5) | |
28 | .\" commit fd75815f727f157a05f4c96b5294a4617c0557da | |
29 | .\" Author: David Howells <dhowells@redhat.com> | |
30 | .\" Documentation/security/keys.txt | |
31 | .\" FIXME Document KEYCTL_GET_PERSISTENT (new in 3.13) | |
32 | .\" commit f36f8c75ae2e7d4da34f4c908cebdb4aa42c977e | |
33 | .\" Author: David Howells <dhowells@redhat.com> | |
34 | .\" | |
67d2c687 | 35 | .TH KEYCTL 2 2015-05-07 Linux "Linux Key Management Calls" |
4509c62e | 36 | .SH NAME |
f68512e9 | 37 | keyctl \- manipulate the kernel's key management facility |
4509c62e MK |
38 | .SH SYNOPSIS |
39 | .nf | |
40 | .B #include <keyutils.h> | |
41 | .sp | |
914ab995 | 42 | .BI "long keyctl(int " cmd ", ...);" |
6030f2d8 | 43 | .fi |
4509c62e MK |
44 | .SH DESCRIPTION |
45 | .BR keyctl () | |
914ab995 | 46 | has a number of functions available: |
4509c62e | 47 | .TP |
a92d3bb4 | 48 | .B KEYCTL_GET_KEYRING_ID |
914ab995 | 49 | Ask for a keyring's ID. |
4509c62e | 50 | .TP |
a92d3bb4 | 51 | .B KEYCTL_JOIN_SESSION_KEYRING |
914ab995 | 52 | Join or start named session keyring. |
4509c62e | 53 | .TP |
a92d3bb4 | 54 | .B KEYCTL_UPDATE |
914ab995 | 55 | Update a key. |
4509c62e | 56 | .TP |
a92d3bb4 | 57 | .B KEYCTL_REVOKE |
914ab995 | 58 | Revoke a key. |
4509c62e | 59 | .TP |
a92d3bb4 | 60 | .B KEYCTL_CHOWN |
914ab995 | 61 | Set ownership of a key. |
4509c62e | 62 | .TP |
a92d3bb4 | 63 | .B KEYCTL_SETPERM |
914ab995 | 64 | Set perms on a key. |
4509c62e | 65 | .TP |
a92d3bb4 | 66 | .B KEYCTL_DESCRIBE |
914ab995 | 67 | Describe a key. |
4509c62e | 68 | .TP |
a92d3bb4 | 69 | .B KEYCTL_CLEAR |
914ab995 | 70 | Clear contents of a keyring. |
4509c62e | 71 | .TP |
a92d3bb4 | 72 | .B KEYCTL_LINK |
914ab995 | 73 | Link a key into a keyring. |
4509c62e | 74 | .TP |
a92d3bb4 | 75 | .B KEYCTL_UNLINK |
914ab995 | 76 | Unlink a key from a keyring. |
4509c62e | 77 | .TP |
a92d3bb4 | 78 | .B KEYCTL_SEARCH |
914ab995 | 79 | Search for a key in a keyring. |
4509c62e | 80 | .TP |
a92d3bb4 | 81 | .B KEYCTL_READ |
914ab995 | 82 | Read a key or keyring's contents. |
4509c62e | 83 | .TP |
a92d3bb4 | 84 | .B KEYCTL_INSTANTIATE |
914ab995 | 85 | Instantiate a partially constructed key. |
4509c62e | 86 | .TP |
a92d3bb4 | 87 | .B KEYCTL_NEGATE |
914ab995 | 88 | Negate a partially constructed key. |
8ec6a211 | 89 | .TP |
914ab995 MK |
90 | .B KEYCTL_SET_REQKEY_KEYRING |
91 | Set default request-key keyring. | |
8ec6a211 | 92 | .TP |
914ab995 MK |
93 | .B KEYCTL_SET_TIMEOUT |
94 | Set timeout on a key. | |
8ec6a211 | 95 | .TP |
914ab995 MK |
96 | .B KEYCTL_ASSUME_AUTHORITY |
97 | Assume authority to instantiate key. | |
4509c62e MK |
98 | .P |
99 | These are wrapped by | |
100 | .B libkeyutils | |
f5de7914 MK |
101 | into individual functions (listed under SEE ALSO) |
102 | to permit the compiler to check types. | |
4509c62e | 103 | .SH RETURN VALUE |
914ab995 MK |
104 | On success |
105 | .BR keyctl () | |
106 | returns the serial number of the key it found. | |
107 | On error, the value \-1 | |
108 | will be returned and errno will have been set to an appropriate error. | |
4509c62e MK |
109 | .SH ERRORS |
110 | .TP | |
27807c32 MK |
111 | .B EACCES |
112 | A key operation wasn't permitted. | |
113 | .TP | |
114 | .B EDQUOT | |
115 | The key quota for the caller's user would be exceeded by creating a key or | |
116 | linking it to the keyring. | |
4509c62e MK |
117 | .TP |
118 | .B EKEYEXPIRED | |
119 | An expired key was found or specified. | |
120 | .TP | |
4509c62e MK |
121 | .B EKEYREJECTED |
122 | A rejected key was found or specified. | |
123 | .TP | |
27807c32 MK |
124 | .B EKEYREVOKED |
125 | A revoked key was found or specified. | |
4509c62e | 126 | .TP |
27807c32 MK |
127 | .B ENOKEY |
128 | No matching key was found or an invalid key was specified. | |
4509c62e MK |
129 | .SH LINKING |
130 | Although this is a Linux system call, it is not present in | |
131 | .I libc | |
132 | but can be found rather in | |
133 | .IR libkeyutils . | |
134 | When linking, | |
135 | .B -lkeyutils | |
136 | should be specified to the linker. | |
4509c62e | 137 | .SH SEE ALSO |
e264f024 MK |
138 | .ad l |
139 | .nh | |
4509c62e | 140 | .BR keyctl (1), |
4509c62e | 141 | .BR add_key (2), |
4509c62e | 142 | .BR request_key (2), |
4509c62e | 143 | .BR keyctl_chown (3), |
4509c62e | 144 | .BR keyctl_clear (3), |
cf4d4361 DP |
145 | .BR keyctl_describe (3), |
146 | .BR keyctl_describe_alloc (3), | |
147 | .BR keyctl_get_keyring_ID (3), | |
4509c62e | 148 | .BR keyctl_instantiate (3), |
cf4d4361 DP |
149 | .BR keyctl_join_session_keyring (3), |
150 | .BR keyctl_link (3), | |
4509c62e | 151 | .BR keyctl_negate (3), |
d8f1a35c MK |
152 | .BR keyctl_read (3), |
153 | .BR keyctl_read_alloc (3), | |
cf4d4361 DP |
154 | .BR keyctl_revoke (3), |
155 | .BR keyctl_search (3), | |
4509c62e | 156 | .BR keyctl_set_reqkey_keyring (3), |
4509c62e | 157 | .BR keyctl_set_timeout (3), |
d8f1a35c | 158 | .BR keyctl_setperm (3), |
cf4d4361 DP |
159 | .BR keyctl_unlink (3), |
160 | .BR keyctl_update (3), | |
32fc2407 | 161 | .BR keyrings (7), |
4509c62e | 162 | .BR request-key (8) |
7e7454ef MK |
163 | |
164 | The kernel source file | |
165 | .IR Documentation/security/keys.txt . |