process-keyring(7) — Linux manual page

NAME \| DESCRIPTION \| SEE ALSO \| COLOPHON

PROCESS-KEYRING(7)      Linux Programmer's Manual     PROCESS-KEYRING(7)

NAME top

       process-keyring - per-process shared keyring

DESCRIPTION top

       The process keyring is a keyring used to anchor keys on behalf of
       a process.  It is created only when a process requests it.  The
       process keyring has the name (description) _pid.

       A special serial number value, KEY_SPEC_PROCESS_KEYRING, is
       defined that can be used in lieu of the actual serial number of
       the calling process's process keyring.

       From the keyctl(1) utility, '@p' can be used instead of a numeric
       key ID in much the same way, but since keyctl(1) is a program run
       after forking, this is of no utility.

       A thread created using the clone(2) CLONE_THREAD flag has the
       same process keyring as the caller of clone(2).  When a new
       process is created using fork() it initially has no process
       keyring.  A process's process keyring is cleared on execve(2).
       The process keyring is destroyed when the last thread that refers
       to it terminates.

       If a process doesn't have a process keyring when it is accessed,
       then the process keyring will be created if the keyring is to be
       modified; otherwise, the error ENOKEY results.

COLOPHON top

       This page is part of release 5.10 of the Linux man-pages project.
       A description of the project, information about reporting bugs,
       and the latest version of this page, can be found at
       https://www.kernel.org/doc/man-pages/.

Linux                          2020-08-13             PROCESS-KEYRING(7)

Pages that refer to this page: add_key(2), keyctl(2), request_key(2), keyrings(7), keyutils(7), persistent-keyring(7), session-keyring(7), thread-keyring(7), user-keyring(7), user-session-keyring(7)

process-keyring(7) — Linux manual page

NAME top

DESCRIPTION top

SEE ALSO top

COLOPHON top