# Spanish translation of manpages
# This file is distributed under the same license as the manpages-l10n package.
# Copyright © of this file:
msgid ""
msgstr ""
"Project-Id-Version: manpages-l10n 4.11.0\n"
"POT-Creation-Date: 2024-06-01 05:59+0200\n"
"PO-Revision-Date: 2021-09-03 21:24+0200\n"
"Last-Translator: Automatically generated\n"
"Language-Team: Spanish <debian-l10n-spanish@lists.debian.org>\n"
"Language: es\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"

#. type: TH
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "keyrings"
msgstr ""

#. type: TH
#: archlinux debian-unstable opensuse-tumbleweed
#, no-wrap
msgid "2024-05-02"
msgstr "2 Mayo 2024"

#. type: TH
#: archlinux debian-unstable
#, no-wrap
msgid "Linux man-pages 6.8"
msgstr "Páginas de Manual de Linux 6.8"

#. type: SH
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "NAME"
msgstr "NOMBRE"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "keyrings - in-kernel key management and retention facility"
msgstr ""

#. type: SH
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "DESCRIPTION"
msgstr "DESCRIPCIÓN"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The Linux key-management facility is primarily a way for various kernel "
"components to retain or cache security data, authentication keys, encryption "
"keys, and other data in the kernel."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"System call interfaces are provided so that user-space programs can manage "
"those objects and also use the facility for their own purposes; see "
"B<add_key>(2), B<request_key>(2), and B<keyctl>(2)."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A library and some user-space utilities are provided to allow access to the "
"facility.  See B<keyctl>(1), B<keyctl>(3), and B<keyutils>(7)  for more "
"information."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Keys"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "A key has the following attributes:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Serial number (ID)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is a unique integer handle by which a key is referred to in system "
"calls.  The serial number is sometimes synonymously referred as the key ID.  "
"Programmatically, key serial numbers are represented using the type "
"I<key_serial_t>."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Type"
msgstr "Tipo"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A key's type defines what sort of data can be held in the key, how the "
"proposed content of the key will be parsed, and how the payload will be used."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"There are a number of general-purpose types available, plus some specialist "
"types defined by specific kernel components."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Description (name)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The key description is a printable string that is used as the search term "
"for the key (in conjunction with the key type) as well as a display name.  "
"During searches, the description may be partially matched or exactly matched."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Payload (data)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The payload is the actual content of a key.  This is usually set when a key "
"is created, but it is possible for the kernel to upcall to user space to "
"finish the instantiation of a key if that key wasn't already known to the "
"kernel when it was requested.  For further details, see B<request_key>(2)."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A key's payload can be read and updated if the key type supports it and if "
"suitable permission is granted to the caller."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Access rights"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Much as files do, each key has an owning user ID, an owning group ID, and a "
"security label.  Each key also has a set of permissions, though there are "
"more than for a normal UNIX file, and there is an additional "
"category\\[em]possessor\\[em]beyond the usual user, group, and other (see "
"I<Possession>, below)."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Note that keys are quota controlled, since they require unswappable kernel "
"memory.  The owning user ID specifies whose quota is to be debited."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Expiration time"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Each key can have an expiration time set.  When that time is reached, the "
"key is marked as being expired and accesses to it fail with the error "
"B<EKEYEXPIRED>.  If not deleted, updated, or replaced, then, after a set "
"amount of time, an expired key is automatically removed (garbage collected)  "
"along with all links to it, and attempts to access the key fail with the "
"error B<ENOKEY>."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Reference count"
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Each key has a reference count.  Keys are referenced by keyrings, by "
"currently active users, and by a process's credentials.  When the reference "
"count reaches zero, the key is scheduled for garbage collection."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Key types"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The kernel provides several basic types of key:"
msgstr ""

#. type: TP
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
#, no-wrap
msgid "I<\\[dq]keyring\\[dq]>"
msgstr ""

#.  Note that keyrings use different fields in struct key in order to store
#.  their data - index_key instead of type/description and name_link/keys
#.  instead of payload.
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Keyrings are special keys which store a set of links to other keys "
"(including other keyrings), analogous to a directory holding links to "
"files.  The main purpose of a keyring is to prevent other keys from being "
"garbage collected because nothing refers to them."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Keyrings with descriptions (names)  that begin with a period (\\[aq].\\[aq]) "
"are reserved to the implementation."
msgstr ""

#. type: TP
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
#, no-wrap
msgid "I<\\[dq]user\\[dq]>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is a general-purpose key type.  The key is kept entirely within kernel "
"memory.  The payload may be read and updated by user-space applications."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The payload for keys of this type is a blob of arbitrary data of up to "
"32,767 bytes."
msgstr ""

#. type: Plain text
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
msgid ""
"The description may be any valid string, though it is preferred that it "
"start with a colon-delimited prefix representing the service to which the "
"key is of interest (for instance I<\\[dq]afs:mykey\\[dq]>)."
msgstr ""

#. type: TP
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
#, fuzzy, no-wrap
#| msgid "I<balloon_deflate> (since Linux 3.18)"
msgid "I<\\[dq]logon\\[dq]> (since Linux 3.3)"
msgstr "I<balloon_deflate> (desde Linux 3.18)"

#.  commit 9f6ed2ca257fa8650b876377833e6f14e272848b
#. type: Plain text
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
msgid ""
"This key type is essentially the same as I<\\[dq]user\\[dq]>, but it does "
"not provide reading (i.e., the B<keyctl>(2)  B<KEYCTL_READ> operation), "
"meaning that the key payload is never visible from user space.  This is "
"suitable for storing username-password pairs that should not be readable "
"from user space."
msgstr ""

#. type: Plain text
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
msgid ""
"The description of a I<\\[dq]logon\\[dq]> key I<must> start with a non-empty "
"colon-delimited prefix whose purpose is to identify the service to which the "
"key belongs.  (Note that this differs from keys of the I<\\[dq]user\\[dq]> "
"type, where the inclusion of a prefix is recommended but is not enforced.)"
msgstr ""

#. type: TP
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
#, fuzzy, no-wrap
#| msgid "I<balloon_migrate> (since Linux 3.18)"
msgid "I<\\[dq]big_key\\[dq]> (since Linux 3.13)"
msgstr "I<balloon_migrate> (desde Linux 3.18)"

#.  commit ab3c3587f8cda9083209a61dbe3a4407d3cada10
#. type: Plain text
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
msgid ""
"This key type is similar to the I<\\[dq]user\\[dq]> key type, but it may "
"hold a payload of up to 1\\ MiB in size.  This key type is useful for "
"purposes such as holding Kerberos ticket caches."
msgstr ""

#.  commit 13100a72f40f5748a04017e0ab3df4cf27c809ef
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The payload data may be stored in a tmpfs filesystem, rather than in kernel "
"memory, if the data size exceeds the overhead of storing the data in the "
"filesystem.  (Storing the data in a filesystem requires filesystem "
"structures to be allocated in the kernel.  The size of these structures "
"determines the size threshold above which the tmpfs storage method is "
"used.)  Since Linux 4.8, the payload data is encrypted when stored in tmpfs, "
"thereby preventing it from being written unencrypted into swap space."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"There are more specialized key types available also, but they aren't "
"discussed here because they aren't intended for normal user-space use."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Key type names that begin with a period (\\[aq].\\[aq]) are reserved to the "
"implementation."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Keyrings"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"As previously mentioned, keyrings are a special type of key that contain "
"links to other keys (which may include other keyrings).  Keys may be linked "
"to by multiple keyrings.  Keyrings may be considered as analogous to UNIX "
"directories where each directory contains a set of hard links to files."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "Various operations (system calls) may be applied only to keyrings:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Adding"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A key may be added to a keyring by system calls that create keys.  This "
"prevents the new key from being immediately deleted when the system call "
"releases its last reference to the key."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Linking"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A link may be added to a keyring pointing to a key that is already known, "
"provided this does not create a self-referential cycle."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Unlinking"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A link may be removed from a keyring.  When the last link to a key is "
"removed, that key will be scheduled for deletion by the garbage collector."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Clearing"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "All the links may be removed from a keyring."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Searching"
msgstr "Búsquedas"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A keyring may be considered the root of a tree or subtree in which keyrings "
"form the branches and non-keyrings the leaves.  This tree may be searched "
"for a key matching a particular type and description."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"See B<keyctl_clear>(3), B<keyctl_link>(3), B<keyctl_search>(3), and "
"B<keyctl_unlink>(3)  for more information."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Anchoring keys"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"To prevent a key from being garbage collected, it must be anchored to keep "
"its reference count elevated when it is not in active use by the kernel."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Keyrings are used to anchor other keys: each link is a reference on a key.  "
"Note that keyrings themselves are just keys and are also subject to the same "
"anchoring requirement to prevent them being garbage collected."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The kernel makes available a number of anchor keyrings.  Note that some of "
"these keyrings will be created only when first accessed."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Process keyrings"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Process credentials themselves reference keyrings with specific semantics.  "
"These keyrings are pinned as long as the set of credentials exists, which is "
"usually as long as the process exists."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"There are three keyrings with different inheritance/sharing rules: the "
"B<session-keyring>(7)  (inherited and shared by all child processes), the "
"B<process-keyring>(7)  (shared by all threads in a process) and the B<thread-"
"keyring>(7)  (specific to a particular thread)."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"As an alternative to using the actual keyring IDs, in calls to "
"B<add_key>(2), B<keyctl>(2), and B<request_key>(2), the special keyring "
"values B<KEY_SPEC_SESSION_KEYRING>, B<KEY_SPEC_PROCESS_KEYRING>, and "
"B<KEY_SPEC_THREAD_KEYRING> can be used to refer to the caller's own "
"instances of these keyrings."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "User keyrings"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Each UID known to the kernel has a record that contains two keyrings: the "
"B<user-keyring>(7)  and the B<user-session-keyring>(7).  These exist for as "
"long as the UID record in the kernel exists."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"As an alternative to using the actual keyring IDs, in calls to "
"B<add_key>(2), B<keyctl>(2), and B<request_key>(2), the special keyring "
"values B<KEY_SPEC_USER_KEYRING> and B<KEY_SPEC_USER_SESSION_KEYRING> can be "
"used to refer to the caller's own instances of these keyrings."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A link to the user keyring is placed in a new session keyring by "
"B<pam_keyinit>(8)  when a new login session is initiated."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Persistent keyrings"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"There is a B<persistent-keyring>(7)  available to each UID known to the "
"system.  It may persist beyond the life of the UID record previously "
"mentioned, but has an expiration time set such that it is automatically "
"cleaned up after a set time.  The persistent keyring permits, for example, "
"B<cron>(8)  scripts to use credentials that are left in the persistent "
"keyring after the user logs out."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Note that the expiration time of the persistent keyring is reset every time "
"the persistent key is requested."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Special keyrings"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"There are special keyrings owned by the kernel that can anchor keys for "
"special purposes.  An example of this is the I<system keyring> used for "
"holding encryption keys for module signature verification."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"These special keyrings are usually closed to direct alteration by user space."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"An originally planned \"group keyring\", for storing keys associated with "
"each GID known to the kernel, is not so far implemented, is unlikely to be "
"implemented.  Nevertheless, the constant B<KEY_SPEC_GROUP_KEYRING> has been "
"defined for this keyring."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Possession"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The concept of possession is important to understanding the keyrings "
"security model.  Whether a thread possesses a key is determined by the "
"following rules:"
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "(1)"
msgstr "(1)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Any key or keyring that does not grant I<search> permission to the caller is "
"ignored in all the following rules."
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "(2)"
msgstr "(2)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"A thread possesses its B<session-keyring>(7), B<process-keyring>(7), and "
"B<thread-keyring>(7)  directly because those keyrings are referred to by its "
"credentials."
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "(3)"
msgstr "(3)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "If a keyring is possessed, then any key it links to is also possessed."
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "(4)"
msgstr "(4)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If any key a keyring links to is itself a keyring, then rule (3) applies "
"recursively."
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "(5)"
msgstr "(5)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If a process is upcalled from the kernel to instantiate a key (see "
"B<request_key>(2)), then it also possesses the requester's keyrings as in "
"rule (1) as if it were the requester."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Note that possession is not a fundamental property of a key, but must rather "
"be calculated each time the key is needed."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Possession is designed to allow set-user-ID programs run from, say a user's "
"shell to access the user's keys.  Granting permissions to the key possessor "
"while denying them to the key owner and group allows the prevention of "
"access to keys on the basis of UID and GID matches."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"When it creates the session keyring, B<pam_keyinit>(8)  adds a link to the "
"B<user-keyring>(7), thus making the user keyring and anything it contains "
"possessed by default."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "Each key has the following security-related attributes:"
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "\\[bu]"
msgstr "\\[bu]"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The owning user ID"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The ID of a group that is permitted to access the key"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "A security label"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "A permissions mask"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The permissions mask contains four sets of rights.  The first three sets are "
"mutually exclusive.  One and only one will be in force for a particular "
"access check.  In order of descending priority, these three sets are:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<user>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The set specifies the rights granted if the key's user ID matches the "
"caller's filesystem user ID."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<group>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The set specifies the rights granted if the user ID didn't match and the "
"key's group ID matches the caller's filesystem GID or one of the caller's "
"supplementary group IDs."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<other>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The set specifies the rights granted if neither the key's user ID nor group "
"ID matched."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The fourth set of rights is:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<possessor>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The set specifies the rights granted if a key is determined to be possessed "
"by the caller."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The complete set of rights for a key is the union of whichever of the first "
"three sets is applicable plus the fourth set if the key is possessed."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The set of rights that may be granted in each of the four masks is as "
"follows:"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<view>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The attributes of the key may be read.  This includes the type, description, "
"and access rights (excluding the security label)."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<read>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"For a key: the payload of the key may be read.  For a keyring: the list of "
"serial numbers (keys) to which the keyring has links may be read."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<write>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The payload of the key may be updated and the key may be revoked.  For a "
"keyring, links may be added to or removed from the keyring, and the keyring "
"may be cleared completely (all links are removed),"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<search>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"For a key (or a keyring): the key may be found by a search.  For a keyring: "
"keys and keyrings that are linked to by the keyring may be searched."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<link>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Links may be created from keyrings to the key.  The initial link to a key "
"that is established when the key is created doesn't require this permission."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<setattr>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The ownership details and security label of the key may be changed, the "
"key's expiration time may be set, and the key may be revoked."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"In addition to access rights, any active Linux Security Module (LSM) may "
"prevent access to a key if its policy so dictates.  A key may be given a "
"security label or other attribute by the LSM; this label is retrievable via "
"B<keyctl_get_security>(3)."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"See B<keyctl_chown>(3), B<keyctl_describe>(3), B<keyctl_get_security>(3), "
"B<keyctl_setperm>(3), and B<selinux>(8)  for more information."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Searching for keys"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"One of the key features of the Linux key-management facility is the ability "
"to find a key that a process is retaining.  The B<request_key>(2)  system "
"call is the primary point of access for user-space applications to find a "
"key.  (Internally, the kernel has something similar available for use by "
"internal components that make use of keys.)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The search algorithm works as follows:"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The process keyrings are searched in the following order: the B<thread-"
"keyring>(7)  if it exists, the B<process-keyring>(7)  if it exists, and then "
"either the B<session-keyring>(7)  if it exists or the B<user-session-"
"keyring>(7)  if that exists."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If the caller was a process that was invoked by the B<request_key>(2)  "
"upcall mechanism, then the keyrings of the original caller of "
"B<request_key>(2)  will be searched as well."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The search of a keyring tree is in breadth-first order: each keyring is "
"searched first for a match, then the keyrings referred to by that keyring "
"are searched."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If a matching key is found that is valid, then the search terminates and "
"that key is returned."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If a matching key is found that has an error state attached, that error "
"state is noted and the search continues."
msgstr ""

#. type: IP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "(6)"
msgstr "(6)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If no valid matching key is found, then the first noted error state is "
"returned; otherwise, an B<ENOKEY> error is returned."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"It is also possible to search a specific keyring, in which case only steps "
"(3) to (6) apply."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "See B<request_key>(2)  and B<keyctl_search>(3)  for more information."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "On-demand key creation"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"If a key cannot be found, B<request_key>(2)  will, if given a "
"I<callout_info> argument, create a new key and then upcall to user space to "
"instantiate the key.  This allows keys to be created on an as-needed basis."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"Typically, this will involve the kernel creating a new process that executes "
"the B<request-key>(8)  program, which will then execute the appropriate "
"handler based on its configuration."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The handler is passed a special authorization key that allows it and only it "
"to instantiate the new key.  This is also used to permit searches performed "
"by the handler program to also search the requester's keyrings."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"See B<request_key>(2), B<keyctl_assume_authority>(3), "
"B<keyctl_instantiate>(3), B<keyctl_negate>(3), B<keyctl_reject>(3), "
"B<request-key>(8), and B<request-key.conf>(5)  for more information."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "/proc files"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The kernel provides various I</proc> files that expose information about "
"keys or define limits on key usage."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/keys> (since Linux 2.6.10)"
msgstr "I</proc/keys> (desde Linux 2.6.10)"

#
#
#.  David Howells, Dec 2016 linux-man@:
#.  This [The thread need not possess the key for it to be visible in
#.  this file.] is correct.  See proc_keys_show() in security/keys/proc.c:
#. 	rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
#. 	if (rc < 0)
#. 		return 0;
#. Possibly it shouldn't be, but for now it is.
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This file exposes a list of the keys for which the reading thread has "
"I<view> permission, providing various information about each key.  The "
"thread need not possess the key for it to be visible in this file."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The only keys included in the list are those that grant I<view> permission "
"to the reading process (regardless of whether or not it possesses them).  "
"LSM security checks are still performed, and may filter out further keys "
"that the process is not authorized to view."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"An example of the data that one might see in this file (with the columns "
"numbered for easy reference below)  is the following:"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid ""
"  (1)     (2)     (3)(4)    (5)     (6)   (7)   (8)        (9)\n"
"009a2028 I--Q---   1 perm 3f010000  1000  1000 user     krb_ccache:primary: 12\n"
"1806c4ba I--Q---   1 perm 3f010000  1000  1000 keyring  _pid: 2\n"
"25d3a08f I--Q---   1 perm 1f3f0000  1000 65534 keyring  _uid_ses.1000: 1\n"
"28576bd8 I--Q---   3 perm 3f010000  1000  1000 keyring  _krb: 1\n"
"2c546d21 I--Q--- 190 perm 3f030000  1000  1000 keyring  _ses: 2\n"
"30a4e0be I------   4   2d 1f030000  1000 65534 keyring  _persistent.1000: 1\n"
"32100fab I--Q---   4 perm 1f3f0000  1000 65534 keyring  _uid.1000: 2\n"
"32a387ea I--Q---   1 perm 3f010000  1000  1000 keyring  _pid: 2\n"
"3ce56aea I--Q---   5 perm 3f030000  1000  1000 keyring  _ses: 1\n"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The fields shown in each line of this file are as follows:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "ID (1)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The ID (serial number) of the key, expressed in hexadecimal."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Flags (2)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "A set of flags describing the state of the key:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I"
msgstr "I"

#.  KEY_FLAG_INSTANTIATED
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The key has been instantiated."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "R"
msgstr "R"

#.  KEY_FLAG_REVOKED
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The key has been revoked."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "D"
msgstr "D"

#.  KEY_FLAG_DEAD
#.  unregister_key_type() in the kernel source
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The key is dead (i.e., the key type has been unregistered).  (A key may be "
"briefly in this state during garbage collection.)"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Q"
msgstr "Q"

#.  KEY_FLAG_IN_QUOTA
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The key contributes to the user's quota."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "U"
msgstr "U"

#.  KEY_FLAG_USER_CONSTRUCT
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The key is under construction via a callback to user space; see B<request-"
"key>(2)."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "N"
msgstr "N"

#.  KEY_FLAG_NEGATIVE
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The key is negatively instantiated."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "i"
msgstr "i"

#.  KEY_FLAG_INVALIDATED
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The key has been invalidated."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Usage (3)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is a count of the number of kernel credential structures that are "
"pinning the key (approximately: the number of threads and open file "
"references that refer to this key)."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Timeout (4)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The amount of time until the key will expire, expressed in human-readable "
"form (weeks, days, hours, minutes, and seconds).  The string I<perm> here "
"means that the key is permanent (no timeout).  The string I<expd> means that "
"the key has already expired, but has not yet been garbage collected."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Permissions (5)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The key permissions, expressed as four hexadecimal bytes containing, from "
"left to right, the possessor, user, group, and other permissions.  Within "
"each byte, the permission bits are as follows:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "0x01"
msgstr "0x01"

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "0x02"
msgstr "0x02"

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "0x04"
msgstr "0x04"

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "0x08"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "0x10"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "0x20"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "UID (6)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The user ID of the key owner."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "GID (7)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The group ID of the key.  The value -1 here means that the key has no group "
"ID; this can occur in certain circumstances for keys created by the kernel."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Type (8)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The key type (user, keyring, etc.)"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Description (9)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The key description (name).  This field contains descriptive information "
"about the key.  For most key types, it has the form"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "name[: extra-info]\n"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The I<name> subfield is the key's description (name).  The optional I<extra-"
"info> field provides some further information about the key.  The "
"information that appears here depends on the key type, as follows:"
msgstr ""

#. type: TP
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
#, no-wrap
msgid "I<\\[dq]user\\[dq]> and I<\\[dq]logon\\[dq]>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The size in bytes of the key payload (expressed in decimal)."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The number of keys linked to the keyring, or the string I<empty> if there "
"are no keys linked to the keyring."
msgstr ""

#. type: TP
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
#, no-wrap
msgid "I<\\[dq]big_key\\[dq]>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The payload size in bytes, followed either by the string I<[file]>, if the "
"key payload exceeds the threshold that means that the payload is stored in a "
"(swappable)  B<tmpfs>(5)  filesystem, or otherwise the string I<[buff]>, "
"indicating that the key is small enough to reside in kernel memory."
msgstr ""

#. type: Plain text
#: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed
msgid ""
"For the I<\\[dq].request_key_auth\\[dq]> key type (authorization key; see "
"B<request_key>(2)), the description field has the form shown in the "
"following example:"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "key:c9a9b19 pid:28880 ci:10\n"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The three subfields are as follows:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<key>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The hexadecimal ID of the key being instantiated in the requesting program."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<pid>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The PID of the requesting program."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<ci>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The length of the callout data with which the requested key should be "
"instantiated (i.e., the length of the payload associated with the "
"authorization key)."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/key-users> (since Linux 2.6.10)"
msgstr "I</proc/key-users> (desde Linux 2.6.10)"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This file lists various information for each user ID that has at least one "
"key on the system.  An example of the data that one might see in this file "
"is the following:"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid ""
"   0:    10 9/9 2/1000000 22/25000000\n"
"  42:     9 9/9 8/200 106/20000\n"
"1000:    11 11/11 10/200 271/20000\n"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The fields shown in each line are as follows:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<uid>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The user ID."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<usage>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is a kernel-internal usage count for the kernel structure used to "
"record key users."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<nkeys>/I<nikeys>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The total number of keys owned by the user, and the number of those keys "
"that have been instantiated."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<qnkeys>/I<maxkeys>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The number of keys owned by the user, and the maximum number of keys that "
"the user may own."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I<qnbytes>/I<maxbytes>"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The number of bytes consumed in payloads of the keys owned by this user, and "
"the upper limit on the number of bytes in key payloads for that user."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/sys/kernel/keys/gc_delay> (since Linux 2.6.32)"
msgstr ""

#.  commit 5d135440faf7db8d566de0c6fab36b16cf9cfc3b
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The value in this file specifies the interval, in seconds, after which "
"revoked and expired keys will be garbage collected.  The purpose of having "
"such an interval is so that there is a window of time where user space can "
"see an error (respectively B<EKEYREVOKED> and B<EKEYEXPIRED>)  that "
"indicates what happened to the key."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The default value in this file is 300 (i.e., 5 minutes)."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/sys/kernel/keys/persistent_keyring_expiry> (since Linux 3.13)"
msgstr ""

#.  commit f36f8c75ae2e7d4da34f4c908cebdb4aa42c977e
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This file defines an interval, in seconds, to which the persistent keyring's "
"expiration timer is reset each time the keyring is accessed (via "
"B<keyctl_get_persistent>(3)  or the B<keyctl>(2)  B<KEYCTL_GET_PERSISTENT> "
"operation.)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The default value in this file is 259200 (i.e., 3 days)."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The following files (which are writable by privileged processes)  are used "
"to enforce quotas on the number of keys and number of bytes of data that can "
"be stored in key payloads:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/sys/kernel/keys/maxbytes> (since Linux 2.6.26)"
msgstr ""

#.  commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
#.  Previously: KEYQUOTA_MAX_BYTES      10000
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is the maximum number of bytes of data that a nonroot user can hold in "
"the payloads of the keys owned by the user."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The default value in this file is 20,000."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/sys/kernel/keys/maxkeys> (since Linux 2.6.26)"
msgstr ""

#.  commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
#.  Previously: KEYQUOTA_MAX_KEYS       100
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "This is the maximum number of keys that a nonroot user may own."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The default value in this file is 200."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/sys/kernel/keys/root_maxbytes> (since Linux 2.6.26)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is the maximum number of bytes of data that the root user (UID 0 in the "
"root user namespace)  can hold in the payloads of the keys owned by root."
msgstr ""

#. 738c5d190f6540539a04baf36ce21d46b5da04bd
#.  commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The default value in this file is 25,000,000 (20,000 before Linux 3.17)."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "I</proc/sys/kernel/keys/root_maxkeys> (since Linux 2.6.26)"
msgstr ""

#.  commit 0b77f5bfb45c13e1e5142374f9d6ca75292252a4
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"This is the maximum number of keys that the root user (UID 0 in the root "
"user namespace)  may own."
msgstr ""

#. 738c5d190f6540539a04baf36ce21d46b5da04bd
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "The default value in this file is 1,000,000 (200 before Linux 3.17)."
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"With respect to keyrings, note that each link in a keyring consumes 4 bytes "
"of the keyring payload."
msgstr ""

#. type: SS
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Users"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The Linux key-management facility has a number of users and usages, but is "
"not limited to those that already exist."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "In-kernel users of this facility include:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Network filesystems - DNS"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The kernel uses the upcall mechanism provided by the keys to upcall to user "
"space to do DNS lookups and then to cache the results."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "AF_RXRPC and kAFS - Authentication"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The AF_RXRPC network protocol and the in-kernel AFS filesystem use keys to "
"store the ticket needed to do secured or encrypted traffic.  These are then "
"looked up by network operations on AF_RXRPC and filesystem operations on "
"kAFS."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "NFS - User ID mapping"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The NFS filesystem uses keys to store mappings of foreign user IDs to local "
"user IDs."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "CIFS - Password"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The CIFS filesystem uses keys to store passwords for accessing remote shares."
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Module verification"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The kernel build process can be made to cryptographically sign modules.  "
"That signature is then checked when a module is loaded."
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid "User-space users of this facility include:"
msgstr ""

#. type: TP
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "Kerberos key storage"
msgstr ""

#. """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The MIT Kerberos 5 facility (libkrb5) can use keys to store authentication "
"tokens which can be made to be automatically cleaned up a set time after the "
"user last uses them, but until then permits them to hang around after the "
"user has logged out so that B<cron>(8)  scripts can use them."
msgstr ""

#. type: SH
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
#, no-wrap
msgid "SEE ALSO"
msgstr "VÉASE TAMBIÉN"

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"B<keyctl>(1), B<add_key>(2), B<keyctl>(2), B<request_key>(2), B<keyctl>(3), "
"B<keyutils>(7), B<persistent-keyring>(7), B<process-keyring>(7), B<session-"
"keyring>(7), B<thread-keyring>(7), B<user-keyring>(7), B<user-session-"
"keyring>(7), B<pam_keyinit>(8), B<request-key>(8)"
msgstr ""

#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed
msgid ""
"The kernel source files I<Documentation/crypto/asymmetric-keys.txt> and "
"under I<Documentation/security/keys> (or, before Linux 4.13, in the file "
"I<Documentation/security/keys.txt>)."
msgstr ""

#. type: TH
#: debian-bookworm opensuse-leap-15-6
#, no-wrap
msgid "2023-02-05"
msgstr "5 Febrero 2023"

#. type: TH
#: debian-bookworm
#, no-wrap
msgid "Linux man-pages 6.03"
msgstr "Páginas de Manual de Linux 6.03"

#. type: TP
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
#, no-wrap
msgid "I<\"keyring\">"
msgstr ""

#. type: TP
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
#, no-wrap
msgid "I<\"user\">"
msgstr ""

#. type: Plain text
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
msgid ""
"The description may be any valid string, though it is preferred that it "
"start with a colon-delimited prefix representing the service to which the "
"key is of interest (for instance I<\"afs:mykey\">)."
msgstr ""

#. type: TP
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
#, no-wrap
msgid "I<\"logon\"> (since Linux 3.3)"
msgstr ""

#.  commit 9f6ed2ca257fa8650b876377833e6f14e272848b
#. type: Plain text
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
msgid ""
"This key type is essentially the same as I<\"user\">, but it does not "
"provide reading (i.e., the B<keyctl>(2)  B<KEYCTL_READ> operation), meaning "
"that the key payload is never visible from user space.  This is suitable for "
"storing username-password pairs that should not be readable from user space."
msgstr ""

#. type: Plain text
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
msgid ""
"The description of a I<\"logon\"> key I<must> start with a non-empty colon-"
"delimited prefix whose purpose is to identify the service to which the key "
"belongs.  (Note that this differs from keys of the I<\"user\"> type, where "
"the inclusion of a prefix is recommended but is not enforced.)"
msgstr ""

#. type: TP
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
#, no-wrap
msgid "I<\"big_key\"> (since Linux 3.13)"
msgstr ""

#.  commit ab3c3587f8cda9083209a61dbe3a4407d3cada10
#. type: Plain text
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
msgid ""
"This key type is similar to the I<\"user\"> key type, but it may hold a "
"payload of up to 1\\ MiB in size.  This key type is useful for purposes such "
"as holding Kerberos ticket caches."
msgstr ""

#. type: TP
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
#, no-wrap
msgid "I<\"user\"> and I<\"logon\">"
msgstr ""

#. type: TP
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
#, no-wrap
msgid "I<\"big_key\">"
msgstr ""

#. type: Plain text
#: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6
msgid ""
"For the I<\".request_key_auth\"> key type (authorization key; see "
"B<request_key>(2)), the description field has the form shown in the "
"following example:"
msgstr ""

#. type: TH
#: fedora-40 mageia-cauldron
#, no-wrap
msgid "2023-10-31"
msgstr "31 Octubre 2023"

#. type: TH
#: fedora-40 mageia-cauldron
#, no-wrap
msgid "Linux man-pages 6.06"
msgstr "Páginas de Manual de Linux 6.06"

#. type: TH
#: fedora-rawhide
#, no-wrap
msgid "2024-02-25"
msgstr "25 Febrero 2024"

#. type: TH
#: fedora-rawhide
#, no-wrap
msgid "Linux man-pages 6.7"
msgstr "Páginas de Manual de Linux 6.7"

#. type: TH
#: opensuse-leap-15-6
#, no-wrap
msgid "Linux man-pages 6.04"
msgstr "Páginas de Manual de Linux 6.04"

#. type: TH
#: opensuse-tumbleweed
#, no-wrap
msgid "Linux man-pages (unreleased)"
msgstr "Páginas de Manual de Linux (no publicadas)"