|
NAME | DESCRIPTION | SEE ALSO | COLOPHON |
PROCESS-KEYRING(7) Linux Programmer's Manual PROCESS-KEYRING(7)
process-keyring - per-process shared keyring
The process keyring is a keyring used to anchor keys on behalf of a
process. It is created only when a process requests it. The process
keyring has the name (description) _pid.
A special serial number value, KEY_SPEC_PROCESS_KEYRING, is defined
that can be used in lieu of the actual serial number of the calling
process's process keyring.
From the keyctl(1) utility, '@p' can be used instead of a numeric key
ID in much the same way, but since keyctl(1) is a program run after
forking, this is of no utility.
A thread created using the clone(2) CLONE_THREAD flag has the same
process keyring as the caller of clone(2). When a new process is
created using fork() it initially has no process keyring. A
process's process keyring is cleared on execve(2). The process
keyring is destroyed when the last thread that refers to it
terminates.
If a process doesn't have a process keyring when it is accessed, then
the process keyring will be created if the keyring is to be modified;
otherwise, the error ENOKEY results.
keyctl(1), keyctl(3), keyrings(7), persistent-keyring(7),
session-keyring(7), thread-keyring(7), user-keyring(7),
user-session-keyring(7)
This page is part of release 5.08 of the Linux man-pages project. A
description of the project, information about reporting bugs, and the
latest version of this page, can be found at
https://www.kernel.org/doc/man-pages/.
Linux 2020-08-13 PROCESS-KEYRING(7)
Pages that refer to this page: add_key(2) , keyctl(2) , request_key(2) , keyrings(7) , keyutils(7) , persistent-keyring(7) , session-keyring(7) , thread-keyring(7) , user-keyring(7) , user-session-keyring(7)
Copyright and license for this manual page