|
HTML rendering created 2024-06-26 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | LINKING | SEE ALSO | COLOPHON |
|
|
|
KEYCTL_...RSISTENT(3) Linux Key Management Calls KEYCTL_...RSISTENT(3)
keyctl_get_persistent - get the persistent keyring for a user
#include <keyutils.h>
long keyctl_get_persistent(uid_t uid, key_serial_t keyring);
keyctl_get_persistent() gets the persistent keyring for the
specified user ID. Unlike the session and user keyrings, this
keyring will persist once all login sessions have been deleted
and can thus be used to carry authentication tokens for processes
that run without user interaction, such as programs started by
cron.
The persistent keyring will be created by the kernel if it does
not yet exist. Each time this function is called, the persistent
keyring will have its expiration timeout reset to the value in:
/proc/sys/kernel/keys/persistent_keyring_expiry
(by default three days). Should the timeout be reached, the
persistent keyring will be removed and everything it pins can
then be garbage collected.
If uid is -1 then the calling process's real user ID will be
used. If uid is not -1 then error EPERM will be given if the
user ID requested does not match either the caller's real or
effective user IDs or if the calling process does not have SetUid
capability.
If successful, a link to the persistent keyring will be added
into keyring.
On success keyctl_get_persistent() returns the serial number of
the persistent keyring. On error, the value -1 will be returned
and errno will have been set to an appropriate error.
EPERM Not permitted to access the persistent keyring for the
requested uid.
ENOMEM Insufficient memory to create the persistent keyring or to
extend keyring.
ENOKEY keyring does not exist.
EKEYEXPIRED
keyring has expired.
EKEYREVOKED
keyring has been revoked.
EDQUOT The user does not have sufficient quota to extend keyring.
EACCES keyring exists, but does not grant write permission to the
calling process.
This is a library function that can be found in libkeyutils.
When linking, -lkeyutils should be specified to the linker.
keyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3),
keyrings(7), keyutils(7), persistent-keyring(7),
This page is part of the keyutils (key management utilities)
project. Information about the project can be found at [unknown
-- if you know, please contact man-pages@man7.org] If you have a
bug report for this manual page, send it to
keyrings@linux-nfs.org. This page was obtained from the
project's upstream Git repository
⟨http://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git⟩
on 2024-06-14. (At that time, the date of the most recent commit
that was found in the repository was 2023-03-20.) If you
discover any rendering problems in this HTML version of the page,
or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the
information in this COLOPHON (which is not part of the original
manual page), send a mail to man-pages@man7.org
Linux 20 Feb 2014 KEYCTL_...RSISTENT(3)
Pages that refer to this page: keyctl(2), keyctl(3), keyrings(7), persistent-keyring(7)
|
HTML rendering created 2024-06-26 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|