1 .\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
2 .\" Written by David Howells (dhowells@redhat.com)
4 .\" %%%LICENSE_START(GPLv2+_SW_ONEPARA)
5 .\" This program is free software; you can redistribute it and/or
6 .\" modify it under the terms of the GNU General Public License
7 .\" as published by the Free Software Foundation; either version
8 .\" 2 of the License, or (at your option) any later version.
11 .\" FIXME Document KEYCTL_REJECT (new in 2.6.39)
12 .\" commit fdd1b94581782a2ddf9124414e5b7a5f48ce2f9c
13 .\" Documentation/security/keys.txt
14 .\" FIXME Document KEYCTL_INSTANTIATE_IOV (new in 2.6.39)
15 .\" commit ee009e4a0d4555ed522a631bae9896399674f064
16 .\" Documentation/security/keys.txt
17 .\" FIXME Document KEYCTL_INVALIDATE (new in 3.5)
18 .\" commit fd75815f727f157a05f4c96b5294a4617c0557da
19 .\" Documentation/security/keys.txt
21 .TH KEYCTL 2 2010-02-25 Linux "Linux Key Management Calls"
23 keyctl \- manipulate the kernel's key management facility
26 .B #include <keyutils.h>
28 .BI "long keyctl(int " cmd ", ...);"
32 has a number of functions available:
34 .B KEYCTL_GET_KEYRING_ID
35 Ask for a keyring's ID.
37 .B KEYCTL_JOIN_SESSION_KEYRING
38 Join or start named session keyring.
47 Set ownership of a key.
56 Clear contents of a keyring.
59 Link a key into a keyring.
62 Unlink a key from a keyring.
65 Search for a key in a keyring.
68 Read a key or keyring's contents.
71 Instantiate a partially constructed key.
74 Negate a partially constructed key.
76 .B KEYCTL_SET_REQKEY_KEYRING
77 Set default request-key keyring.
82 .B KEYCTL_ASSUME_AUTHORITY
83 Assume authority to instantiate key.
87 into individual functions to permit compiler the compiler to check types.
90 section at the bottom.
94 returns the serial number of the key it found.
95 On error, the value \-1
96 will be returned and errno will have been set to an appropriate error.
100 A key operation wasn't permitted.
103 The key quota for the caller's user would be exceeded by creating a key or
104 linking it to the keyring.
107 An expired key was found or specified.
110 A rejected key was found or specified.
113 A revoked key was found or specified.
116 No matching key was found or an invalid key was specified.
118 Although this is a Linux system call, it is not present in
120 but can be found rather in
124 should be specified to the linker.
131 .BR keyctl_set_timeout (3),
132 .BR keyctl_chown (3),
133 .BR keyctl_clear (3),
134 .BR keyctl_describe (3),
135 .BR keyctl_describe_alloc (3),
136 .BR keyctl_get_keyring_ID (3),
137 .BR keyctl_instantiate (3),
138 .BR keyctl_join_session_keyring (3),
140 .BR keyctl_negate (3),
141 .BR keyctl_revoke (3),
142 .BR keyctl_search (3),
143 .BR keyctl_setperm (3),
144 .BR keyctl_set_reqkey_keyring (3),
145 .BR keyctl_set_timeout (3),
147 .BR keyctl_read_alloc (3),
148 .BR keyctl_unlink (3),
149 .BR keyctl_update (3),