From: Maximilian Blenk Date: Wed, 29 Jan 2020 17:10:38 +0000 (+0100) Subject: doc: Add doc for keyring options X-Git-Tag: lxc-4.0.0~55^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F3260%2Fhead;p=thirdparty%2Flxc.git doc: Add doc for keyring options Signed-off-by: Maximilian Blenk --- diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in index 784f83373..8dcadf7c5 100644 --- a/doc/lxc.container.conf.sgml.in +++ b/doc/lxc.container.conf.sgml.in @@ -1932,6 +1932,44 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA lxc.selinux.context = system_u:system_r:lxc_t:s0:c22 + + + + + + + Specify the SELinux context under which the container's keyring + should be created. By default this the same as lxc.selinux.context, or + the the context lxc is executed under if lxc.selinux.context has not been set. + + lxc.selinux.context.keyring = system_u:system_r:lxc_t:s0:c22 + + + + + + + Kernel Keyring + + The Linux Keyring facility is primarily a way for various + kernel components to retain or cache security data, authentication + keys, encryption keys, and other data in the kernel. By default lxc + will create a new session keyring for the started application. + + + + + + + + + Disable the creation of new session keyring by lxc. The started + application will then inherit the current session keyring. + By default, or when passing the value 1, a new keyring will be created. + + lxc.keyring.session = 0 + +