PROCESS-KEYRING
Section: Linux Programmer's Manual (7)
Updated: 2020-08-13
Index
Return to Main Contents
NAME
process-keyring - per-process shared keyring
DESCRIPTION
The process keyring is a keyring used to anchor keys on behalf of a process.
It is created only when a process requests it.
The process keyring has the name (description)
_pid.
A special serial number value,
KEY_SPEC_PROCESS_KEYRING,
is defined that can be used in lieu of the actual serial number of
the calling process's process keyring.
From the
keyctl(1)
utility, '@p' can be used instead of a numeric key ID in
much the same way, but since
keyctl(1)
is a program run after forking, this is of no utility.
A thread created using the
clone(2)
CLONE_THREAD
flag has the same process keyring as the caller of
clone(2).
When a new process is created using
fork()
it initially has no process keyring.
A process's process keyring is cleared on
execve(2).
The process keyring is destroyed when the last
thread that refers to it terminates.
If a process doesn't have a process keyring when it is accessed,
then the process keyring will be created if the keyring is to be modified;
otherwise, the error
ENOKEY
results.
SEE ALSO
keyctl(1),
keyctl(3),
keyrings(7),
persistent-keyring(7),
session-keyring(7),
thread-keyring(7),
user-keyring(7),
user-session-keyring(7)
COLOPHON
This page is part of release 5.11 of the Linux
man-pages
project.
A description of the project,
information about reporting bugs,
and the latest version of this page,
can be found at
https://www.kernel.org/doc/man-pages/.
Index
- NAME
-
- DESCRIPTION
-
- SEE ALSO
-
- COLOPHON
-
This document was created by
man2html,
using the manual pages.
Time: 06:22:49 GMT, May 09, 2021