# SOME DESCRIPTIVE TITLE # Copyright (C) YEAR Free Software Foundation, Inc. # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "POT-Creation-Date: 2024-06-01 06:15+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. type: TH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "request_key" msgstr "" #. type: TH #: archlinux debian-unstable opensuse-tumbleweed #, no-wrap msgid "2024-05-02" msgstr "" #. type: TH #: archlinux debian-unstable #, no-wrap msgid "Linux man-pages 6.8" msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "NAME" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "request_key - request a key from the kernel's key management facility" msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "LIBRARY" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "Linux Key Management Utilities (I, I<-lkeyutils>)" msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "SYNOPSIS" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B<#include Ekeyutils.hE>\n" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "" "BIB<, const char *>IB<,>\n" "B< const char *_Nullable >IB<,>\n" "B< key_serial_t >IB<);>\n" msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "DESCRIPTION" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "B() attempts to find a key of the given I with a " "description (name) that matches the specified I. If such a key " "could not be found, then the key is optionally created. If the key is found " "or created, B() attaches it to the keyring whose ID is " "specified in I and returns the key's serial number." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "B() first recursively searches for a matching key in all of " "the keyrings attached to the calling process. The keyrings are searched in " "the order: thread-specific keyring, process-specific keyring, and then " "session keyring." msgstr "" #. David Howells: we can then have an arbitrarily long sequence #. of "recursive" request-key upcalls. There is no limit, other #. than number of PIDs, etc. #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If B() is called from a program invoked by B() " "on behalf of some other process to generate a key, then the keyrings of that " "other process will be searched next, using that other process's user ID, " "group ID, supplementary group IDs, and security context to determine access." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The search of the keyring tree is breadth-first: the keys in each keyring " "searched are checked for a match before any child keyrings are recursed " "into. Only keys for which the caller has I permission be found, and " "only keyrings for which the caller has I permission may be searched." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If the key is not found and I is NULL, then the call fails with the " "error B." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If the key is not found and I is not NULL, then the kernel attempts " "to invoke a user-space program to instantiate the key. The details are " "given below." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The I serial number may be that of a valid keyring for which " "the caller has I permission, or it may be one of the following " "special keyring IDs:" msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "This specifies the caller's thread-specific keyring (see B(7))." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "This specifies the caller's process-specific keyring (see B(7))." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "This specifies the caller's session-specific keyring (see B(7))." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "This specifies the caller's UID-specific keyring (see B(7))." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "This specifies the caller's UID-session keyring (see B(7))." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "When the I is specified as 0 and no key construction has been " "performed, then no additional linking is done." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Otherwise, if I is 0 and a new key is constructed, the new key " "will be linked to the \"default\" keyring. More precisely, when the kernel " "tries to determine to which keyring the newly constructed key should be " "linked, it tries the following keyrings, beginning with the keyring set via " "the B(2) B operation and continuing in " "the order shown below until it finds the first keyring that exists:" msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "\\[bu]" msgstr "" #. 8bbf4976b59fc9fc2861e79cab7beb3f6d647640 #. FIXME #. Actually, is the preceding point correct? #. If I understand correctly, we'll only get here if #. 'dest_keyring' is zero, in which case KEY_REQKEY_DEFL_REQUESTOR_KEYRING #. won't refer to a keyring. Have I misunderstood? #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The requestor keyring (B, since Linux " "2.6.29)." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The thread-specific keyring (B; see B(7))." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The process-specific keyring (B; see " "B(7))." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The session-specific keyring (B; see " "B(7))." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The session keyring for the process's user ID " "(B; see B(7)). " "This keyring is expected to always exist." msgstr "" # # # # # #. mtk: Are there circumstances where the user sessions and UID-specific #. keyrings do not exist? #. David Howells: #. The uid keyrings don't exist until someone tries to access them - #. at which point they're both created. When you log in, pam_keyinit #. creates a link to your user keyring in the session keyring it just #. created, thereby creating the user and user-session keyrings. #. and David elaborated that "access" means: #. It means lookup_user_key() was passed KEY_LOOKUP_CREATE. So: #. add_key() - destination keyring #. request_key() - destination keyring #. KEYCTL_GET_KEYRING_ID - if create arg is true #. KEYCTL_CLEAR #. KEYCTL_LINK - both args #. KEYCTL_SEARCH - destination keyring #. KEYCTL_CHOWN #. KEYCTL_SETPERM #. KEYCTL_SET_TIMEOUT #. KEYCTL_INSTANTIATE - destination keyring #. KEYCTL_INSTANTIATE_IOV - destination keyring #. KEYCTL_NEGATE - destination keyring #. KEYCTL_REJECT - destination keyring #. KEYCTL_GET_PERSISTENT - destination keyring #. will all create a keyring under some circumstances. Whereas the rest, #. such as KEYCTL_GET_SECURITY, KEYCTL_READ and KEYCTL_REVOKE, won't. #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The UID-specific keyring (B; see B(7)). This keyring is also expected to always exist." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If the B(2) B operation specifies " "B (or no B operation is " "performed), then the kernel looks for a keyring starting from the beginning " "of the list." msgstr "" #. type: SS #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "Requesting user-space instantiation of a key" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If the kernel cannot find a key matching I and I, and " "I is not NULL, then the kernel attempts to invoke a user-space " "program to instantiate a key with the given I and I. In " "this case, the following steps are performed:" msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "(1)" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The kernel creates an uninstantiated key, U, with the requested I and " "I." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "(2)" msgstr "" #. struct request_key_auth, defined in security/keys/internal.h #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The kernel creates an authorization key, V, that refers to the key U and " "records the facts that the caller of B() is:" msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "(2.1)" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "the context in which the key U should be instantiated and secured, and" msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "(2.2)" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "the context from which associated key requests may be satisfied." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The authorization key is constructed as follows:" msgstr "" #. type: Plain text #: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed msgid "The key type is I<\\[dq].request_key_auth\\[dq]>." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The key's UID and GID are the same as the corresponding filesystem IDs of " "the requesting process." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The key grants I, I, and I permissions to the key " "possessor as well as I permission for the key user." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The description (name) of the key is the hexadecimal string representing the " "ID of the key that is to be instantiated in the requesting program." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The payload of the key is taken from the data specified in I." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Internally, the kernel also records the PID of the process that called " "B()." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "(3)" msgstr "" #. The request\-key(8) program can be invoked in circumstances *other* than #. when triggered by request_key(2). For example, upcalls from places such #. as the DNS resolver. #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The kernel creates a process that executes a user-space service such as " "B(8) with a new session keyring that contains a link to the " "authorization key, V." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "This program is supplied with the following command-line arguments:" msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[0]" msgstr "" #. type: Plain text #: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed msgid "The string I<\\[dq]/sbin/request-key\\[dq]>." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[1]" msgstr "" #. type: Plain text #: archlinux debian-unstable fedora-rawhide opensuse-tumbleweed msgid "" "The string I<\\[dq]create\\[dq]> (indicating that a key is to be created)." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[2]" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The ID of the key that is to be instantiated." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[3]" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The filesystem UID of the caller of B()." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[4]" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The filesystem GID of the caller of B()." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[5]" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The ID of the thread keyring of the caller of B(). This may be " "zero if that keyring hasn't been created." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[6]" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The ID of the process keyring of the caller of B(). This may " "be zero if that keyring hasn't been created." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "[7]" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The ID of the session keyring of the caller of B()." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "I: each of the command-line arguments that is a key ID is encoded in " "I (unlike the key IDs shown in I, which are shown as " "hexadecimal values)." msgstr "" #. type: IP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "(4)" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The program spawned in the previous step:" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Assumes the authority to instantiate the key U using the B(2) " "B operation (typically via the " "B(3) function)." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Obtains the callout data from the payload of the authorization key V (using " "the B(2) B operation (or, more commonly, the " "B(3) function) with a key ID value of " "B)." msgstr "" #. Should an instantiating program be using KEY_SPEC_REQUESTOR_KEYRING? #. I couldn't find a use in the keyutils git repo. #. According to David Howells: #. * This feature is provided, but not used at the moment. #. * A key added to that ring is then owned by the requester #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Instantiates the key (or execs another program that performs that task), " "specifying the payload and destination keyring. (The destination keyring " "that the requestor specified when calling B() can be accessed " "using the special key ID B.) Instantiation is " "performed using the B(2) B operation (or, more " "commonly, the B(3) function). At this point, the " "B() call completes, and the requesting program can continue " "execution." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If these steps are unsuccessful, then an B error will be returned to " "the caller of B() and a temporary, negatively instantiated key " "will be installed in the keyring specified by I. This will " "expire after a few seconds, but will cause subsequent calls to " "B() to fail until it does. The purpose of this negatively " "instantiated key is to prevent (possibly different) processes making " "repeated requests (that require expensive B(8) upcalls) for a " "key that can't (at the moment) be positively instantiated." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Once the key has been instantiated, the authorization key " "(B) is revoked, and the destination keyring " "(B) is no longer accessible from the B(8) program." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "If a key is created, then\\[em]regardless of whether it is a valid key or a " "negatively instantiated key\\[em]it will displace any other key with the " "same type and description from the keyring specified in I." msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "RETURN VALUE" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "On success, B() returns the serial number of the key it found " "or caused to be created. On error, -1 is returned and I is set to " "indicate the error." msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "ERRORS" msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The keyring wasn't available for modification by the user." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The key quota for this user would be exceeded by creating this key or " "linking it to the keyring." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "One of I, I, or I points outside the " "process's accessible address space." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The request was interrupted by a signal; see B(7)." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The size of the string (including the terminating null byte) specified in " "I or I exceeded the limit (32 bytes and 4096 bytes " "respectively)." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The size of the string (including the terminating null byte) specified in " "I exceeded the system page size." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "An expired key was found, but no replacement could be obtained." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The attempt to generate a new key was rejected." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "A revoked key was found, but no replacement could be obtained." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "No matching key was found." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "Insufficient memory to create a key." msgstr "" #. type: TP #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "B" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "The I argument started with a period (\\[aq].\\[aq])." msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "STANDARDS" msgstr "" #. type: Plain text #: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron #: opensuse-leap-15-6 opensuse-tumbleweed msgid "Linux." msgstr "" #. type: SH #: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron #: opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "HISTORY" msgstr "" #. type: Plain text #: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron #: opensuse-leap-15-6 opensuse-tumbleweed msgid "Linux 2.6.10." msgstr "" #. commit 3e30148c3d524a9c1c63ca28261bc24c457eb07a #. type: Plain text #: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron #: opensuse-leap-15-6 opensuse-tumbleweed msgid "The ability to instantiate keys upon request was added in Linux 2.6.13." msgstr "" #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "EXAMPLES" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The program below demonstrates the use of B(). The I, " "I, and I arguments for the system call are taken " "from the values supplied in the command-line arguments. The call specifies " "the session keyring as the target keyring." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "In order to demonstrate this program, we first create a suitable entry in " "the file I." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "" "$ sudo sh\n" "# B\n" " B /etc/request-key.conf>\n" "# B\n" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "This entry specifies that when a new \"user\" key with the prefix \"mtk:\" " "must be instantiated, that task should be performed via the B(1) " "command's B operation. The arguments supplied to the " "B operation are: the ID of the uninstantiated key (I<%k>); the " "callout data supplied to the B() call (I<%c>); and the session " "keyring (I<%S>) of the requestor (i.e., the caller of B()). " "See B(5) for details of these I<%> specifiers." msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "Then we run the program and check the contents of I to verify " "that the requested key has been instantiated:" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "" "$ B<./t_request_key user mtk:key1 \"Payload data\">\n" "$ B\n" "2dddaf50 I--Q--- 1 perm 3f010000 1000 1000 user mtk:key1: 12\n" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "For another example of the use of this program, see B(2)." msgstr "" #. type: SS #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "Program source" msgstr "" #. type: Plain text #: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron #: opensuse-tumbleweed #, no-wrap msgid "" "/* t_request_key.c */\n" "\\&\n" "#include Ekeyutils.hE\n" "#include Estdint.hE\n" "#include Estdio.hE\n" "#include Estdlib.hE\n" "\\&\n" "int\n" "main(int argc, char *argv[])\n" "{\n" " key_serial_t key;\n" "\\&\n" " if (argc != 4) {\n" " fprintf(stderr, \"Usage: %s type description callout-data\\en\",\n" " argv[0]);\n" " exit(EXIT_FAILURE);\n" " }\n" "\\&\n" " key = request_key(argv[1], argv[2], argv[3],\n" " KEY_SPEC_SESSION_KEYRING);\n" " if (key == -1) {\n" " perror(\"request_key\");\n" " exit(EXIT_FAILURE);\n" " }\n" "\\&\n" " printf(\"Key ID is %jx\\en\", (uintmax_t) key);\n" "\\&\n" " exit(EXIT_SUCCESS);\n" "}\n" msgstr "" #. SRC END #. type: SH #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed #, no-wrap msgid "SEE ALSO" msgstr "" #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "B(1), B(2), B(2), B(3), B(7), " "B(7), B(7), B(7), B(7), B(7), B(7), B(7), B(7), B(8)" msgstr "" #. commit b68101a1e8f0263dbc7b8375d2a7c57c6216fb76 #. commit 3db38ed76890565772fcca3279cc8d454ea6176b #. type: Plain text #: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide #: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed msgid "" "The kernel source files I and " "I (or, before Linux 4.13, in the files " "I and I)." msgstr "" #. type: TH #: debian-bookworm #, no-wrap msgid "2023-02-05" msgstr "" #. type: TH #: debian-bookworm #, no-wrap msgid "Linux man-pages 6.03" msgstr "" #. type: Plain text #: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6 msgid "The key type is I<\".request_key_auth\">." msgstr "" #. type: Plain text #: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6 msgid "The string I<\"/sbin/request-key\">." msgstr "" #. type: Plain text #: debian-bookworm fedora-40 mageia-cauldron opensuse-leap-15-6 msgid "The string I<\"create\"> (indicating that a key is to be created)." msgstr "" #. type: SH #: debian-bookworm #, no-wrap msgid "VERSIONS" msgstr "" #. commit 3e30148c3d524a9c1c63ca28261bc24c457eb07a #. type: Plain text #: debian-bookworm msgid "" "This system call first appeared in Linux 2.6.10. The ability to instantiate " "keys upon request was added in Linux 2.6.13." msgstr "" #. type: Plain text #: debian-bookworm msgid "This system call is a nonstandard Linux extension." msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid "/* t_request_key.c */\n" msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid "" "#include Ekeyutils.hE\n" "#include Estdint.hE\n" "#include Estdio.hE\n" "#include Estdlib.hE\n" msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid "" "int\n" "main(int argc, char *argv[])\n" "{\n" " key_serial_t key;\n" msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid "" " if (argc != 4) {\n" " fprintf(stderr, \"Usage: %s type description callout-data\\en\",\n" " argv[0]);\n" " exit(EXIT_FAILURE);\n" " }\n" msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid "" " key = request_key(argv[1], argv[2], argv[3],\n" " KEY_SPEC_SESSION_KEYRING);\n" " if (key == -1) {\n" " perror(\"request_key\");\n" " exit(EXIT_FAILURE);\n" " }\n" msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid " printf(\"Key ID is %jx\\en\", (uintmax_t) key);\n" msgstr "" #. type: Plain text #: debian-bookworm opensuse-leap-15-6 #, no-wrap msgid "" " exit(EXIT_SUCCESS);\n" "}\n" msgstr "" #. type: TH #: fedora-40 mageia-cauldron #, no-wrap msgid "2023-10-31" msgstr "" #. type: TH #: fedora-40 mageia-cauldron #, no-wrap msgid "Linux man-pages 6.06" msgstr "" #. type: TH #: fedora-rawhide #, no-wrap msgid "2024-02-25" msgstr "" #. type: TH #: fedora-rawhide #, no-wrap msgid "Linux man-pages 6.7" msgstr "" #. type: TH #: opensuse-leap-15-6 #, no-wrap msgid "2023-03-30" msgstr "" #. type: TH #: opensuse-leap-15-6 #, no-wrap msgid "Linux man-pages 6.04" msgstr "" #. type: TH #: opensuse-tumbleweed #, no-wrap msgid "Linux man-pages (unreleased)" msgstr ""