1KEYCTL_GET_PERSISTENT(3)  Linux Key Management Calls  KEYCTL_GET_PERSISTENT(3)
2
3
4

NAME

6       keyctl_get_persistent - get the persistent keyring for a user
7

SYNOPSIS

9       #include <keyutils.h>
10
11       long keyctl_get_persistent(uid_t uid, key_serial_t keyring);
12

DESCRIPTION

14       keyctl_get_persistent()  gets  the persistent keyring for the specified
15       user ID.  Unlike the session and user keyrings, this keyring will  per‐
16       sist  once all login sessions have been deleted and can thus be used to
17       carry authentication tokens for processes that run without user  inter‐
18       action, such as programs started by cron.
19
20       The persistent keyring will be created by the kernel if it does not yet
21       exist.  Each time this function is called, the persistent keyring  will
22       have its expiration timeout reset to the value in:
23
24              /proc/sys/kernel/keys/persistent_keyring_expiry
25
26       (by default three days).  Should the timeout be reached, the persistent
27       keyring will be removed and everything it pins can then be garbage col‐
28       lected.
29
30       If  uid is -1 then the calling process's real user ID will be used.  If
31       uid is not -1 then error EPERM will be given if the user  ID  requested
32       does not match either the caller's real or effective user IDs or if the
33       calling process does not have SetUid capability.
34
35       If successful, a link to the persistent  keyring  will  be  added  into
36       keyring.
37

RETURN VALUE

39       On  success  keyctl_get_persistent()  returns  the serial number of the
40       persistent keyring.  On error, the value -1 will be returned and  errno
41       will have been set to an appropriate error.
42

ERRORS

44       EPERM  Not permitted to access the persistent keyring for the requested
45              uid.
46
47       ENOMEM Insufficient memory to  create  the  persistent  keyring  or  to
48              extend keyring.
49
50       ENOKEY keyring does not exist.
51
52       EKEYEXPIRED
53              keyring has expired.
54
55       EKEYREVOKED
56              keyring has been revoked.
57
58       EDQUOT The user does not have sufficient quota to extend keyring.
59
60       EACCES keyring exists, but does not grant write permission to the call‐
61              ing process.
62
63

LINKING

65       This is a library function that can  be  found  in  libkeyutils.   When
66       linking, -lkeyutils should be specified to the linker.
67

SEE ALSO

69       keyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3),
70       keyrings(7), keyutils(7), persistent-keyring(7),
71
72
73
74Linux                             20 Feb 2014         KEYCTL_GET_PERSISTENT(3)
Impressum