diff options
| author | Michael Kerrisk <mtk.manpages@gmail.com> | 2016-11-01 19:08:09 +0100 |
|---|---|---|
| committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2016-12-27 09:36:18 +0100 |
| commit | f437df79f2e9f41530503c0542f506962112ef99 (patch) | |
| tree | 1904488a47da825108044941fda4b2e83a1ed1b9 /man7/user-session-keyring.7 | |
| parent | a44454bc1b3c24afebaed65d197e3f5c4ecf3141 (diff) | |
| download | man-pages-f437df79f2e9f41530503c0542f506962112ef99.tar.gz | |
keyrings.7, persistent-keyring.7, process-keyring.7, session-keyring.7, thread-keyring.7, user-keyring.7, user-session-keyring.7: ffix + pages xref fixes
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man7/user-session-keyring.7')
| -rw-r--r-- | man7/user-session-keyring.7 | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/man7/user-session-keyring.7 b/man7/user-session-keyring.7 index 6e715d8702..439809f32a 100644 --- a/man7/user-session-keyring.7 +++ b/man7/user-session-keyring.7 @@ -14,9 +14,7 @@ .SH NAME user-session-keyring \- per-user default session keyring .SH DESCRIPTION -The -.B user session keyring -is a keyring used to anchor keys on behalf of a user. +The user session keyring is a keyring used to anchor keys on behalf of a user. Each UID the kernel deals with has its own user session keyring. This keyring is associated with @@ -26,7 +24,9 @@ It is shared amongst all processes of that UID. .P The user session keyring is created on demand when a thread requests it -or when a thread asks for its \fBsession keyring\fP and that doesn't exist. +or when a thread asks for its +.BR session-keyring (7) +and that doesn't exist. In the latter case, a user session keyring will be created and, if the session keyring wasn't to be created, the user session keyring will be set as the process's @@ -35,22 +35,34 @@ actual session keyring. The user session keyring is searched by \fBrequest_key\fP() if the actual session keyring does not exist and is ignored otherwise. .P -A special serial number value, \fBKEY_SPEC_USER_SESSION_KEYRING\fP, is defined +A special serial number value, +.BR KEY_SPEC_USER_SESSION_KEYRING , +is defined that can be used in lieu of the calling process's user session keyring's actual serial number. .P From the keyctl utility, '\fB@us\fP' can be used instead of a numeric key ID in much the same way. .P -User session keyrings are independent of clone(), fork(), vfork(), execve() and -exit() excepting that the keyring is destroyed when the UID record is destroyed +User session keyrings are independent of +.BR clone (2), +.BR fork (2), +.BR vfork (2), +.BR execve (2), +and +.BR exit (2) +excepting that the keyring is destroyed when the UID record is destroyed when the last process pinning it exits. .P If a user session keyring does not exist when it is accessed, it will be created. .P -It is strongly recommended that a \fBsession keyring\fP be set explicitly, for -example by \fBpam_keyinit\fP, rather than relying on the user session keyring - +It is strongly recommended that a +.BR session-keyring (7) +be set explicitly, for +example by +.BR pam_keyinit (8), +rather than relying on the user session keyring - particularly if a process is running as root. .\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" .SH SEE ALSO |