| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <23323.1481796656@warthog.procyon.org.uk>
Date: Thu, 15 Dec 2016 10:10:56 +0000
From: David Howells <dhowells@...hat.com>
To: mtk.manpages@...il.com
Cc: dhowells@...hat.com, keyrings@...r.kernel.org,
linux-man <linux-man@...r.kernel.org>,
Eugene Syromyatnikov <evgsyr@...il.com>,
lkml <linux-kernel@...r.kernel.org>
Subject: Re: Revised request_key(2) man page for review
Michael Kerrisk (man-pages) <mtk.manpages@...il.com> wrote:
> > │Is 'keyring' allowed to be 0? Reading the source, it │
> > │appears so. In this case, by default, the key is │
> > │assigned to the session keyring. But, the │
> > │KEYCTL_SET_REQKEY_KEYRING also seems to have an │
> > │influence here. What are the details here? │
Yes, the destination keyring can be 0. If you don't specify a destination
keyring, then:
(1) If the key is found to already exist, the serial number is returned, but
no extra link is made.
(2) If an error occurs other than "this key doesn't exist", then you'll just
get the error.
(3) If we have to construct a new key, this will be attached to the default
keyring (as there's no destination keyring to attach to).
> > # echo 'create user mtk:* * /bin/keyctl instantiate %k %c %S' \
> > > /etc/request-keys.conf
There's a /etc/request-keys.d/ directory now.
David
Powered by blists - more mailing lists