Section (7) process-keyring
process-keyring — per-process shared keyring
The process keyring is a keyring used to anchor keys on
behalf of a process. It is created only when a process
requests it. The process keyring has the name (description)
A special serial number value,
KEY_SPEC_PROCESS_KEYRING, is defined that
can be used in lieu of the actual serial number of the
calling process_zsingle_quotesz_s process keyring.
From the keyctl(1) utility, _zsingle_quotesz_
@p_zsingle_quotesz_ can be used instead of a
numeric key ID in much the same way, but since keyctl(1) is a program run
after forking, this is of no utility.
A thread created using the clone(2)
CLONE_THREAD flag has the same process
keyring as the caller of clone(2). When a new
process is created using
it initially has no process keyring. A process_zsingle_quotesz_s process
keyring is cleared on execve(2). The process
keyring is destroyed when the last thread that refers to it
If a process doesn_zsingle_quotesz_t have a process keyring when it is accessed, then the process keyring will be created if the keyring is to be modified; otherwise, the error ENOKEY results.
This page is part of release 5.04 of the Linux
man-pages project. A
description of the project, information about reporting bugs,
and the latest version of this page, can be found at
Copyright (C) 2014 Red Hat, Inc. All Rights Reserved.
Written by David Howells (dhowellsredhat.com)
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version
2 of the License, or (at your option) any later version.