process-keyring

PROCESS-KEYRING(7)         Linux Programmer's Manual        PROCESS-KEYRING(7)

NAME
       process-keyring - per-process shared keyring

DESCRIPTION
       The  process  keyring  is  a keyring used to anchor keys on behalf of a
       process.  It is created only when a process requests it.   The  process
       keyring has the name (description) _pid.

       A  special  serial  number  value, KEY_SPEC_PROCESS_KEYRING, is defined
       that can be used in lieu of the actual serial  number  of  the  calling
       process's process keyring.

       From  the  keyctl(1) utility, '@p' can be used instead of a numeric key
       ID in much the same way, but since keyctl(1) is  a  program  run  after
       forking, this is of no utility.

       A  thread  created  using  the  clone(2) CLONE_THREAD flag has the same
       process keyring as the caller of clone(2).  When a new process is  cre-
       ated  using  fork()  it  initially has no process keyring.  A process's
       process keyring is cleared on execve(2).  The process  keyring  is  de-
       stroyed when the last thread that refers to it terminates.

       If  a  process doesn't have a process keyring when it is accessed, then
       the process keyring will be created if the keyring is to  be  modified;
       otherwise, the error ENOKEY results.

SEE ALSO
       keyctl(1), keyctl(3), keyrings(7), persistent-keyring(7),
       session-keyring(7), thread-keyring(7), user-keyring(7),
       user-session-keyring(7)

COLOPHON
       This page is part of release 5.05 of the Linux man-pages project.  A
       description of the project, information about reporting bugs, and the
       latest version of this page, can be found at
       https://www.kernel.org/doc/man-pages/.

Linux                             2017-03-13                PROCESS-KEYRING(7)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2024 Hurricane Electric. All Rights Reserved.