Next: About this document ... Up: SPDL Specification ver 2.1. Previous: 13 Access control of other privileges: allowpriv   Contents

14 Access control of kernel key retention service: allowkey

This feature is available in version 2.1 or later.

Kernels after Linux 2.6.18 include a new feature, the kernel key retention service. With this feature, each process can obtain keys. For details of the key retention service, refer to the kernel document Documentation/keys.txt (a copy is available at http://free-electrons.com/kerneldoc/latest/keys.txt). allowkey controls access to keys. This feature is effective only on FC5 or later. CentOS does not have the kernel key subsystem, so allowkey has no effect there.

  1. Syntax
    allowkey domain permissions;
    The following permissions can be used.
    v: View. View the attributes of a key.
    r: Read. Read the contents of a key.
    W: Write. Write the contents of a key.
    s: Search. Search keyrings.
    l: Link. Permit a key or keyring to be linked to.
    t: Set Attribute. Set the attributes of a key.
    For details of each permission, see Documentation/keys.txt.
  2. Meaning
    Allow access to keys retained by domain.
    For example,
    allowkey login_t v,r;
    means: allow view and read access to keys obtained by processes whose domain is login_t.
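
The following is an added example, not code from the SPDL tools: a small parser that reads allowkey statements, rejects unknown permission letters, and lists the domains whose keys may be modified. It assumes one statement per line and `#` comments, and it matches permission letters case-insensitively because the list above prints write as `W`; the function names and the sample policy are constructed for illustration.

```python
import re

# Permission letters from the syntax section above ("setattr" = Set Attribute).
PERMS = {"v": "view", "r": "read", "w": "write",
         "s": "search", "l": "link", "t": "setattr"}

# Assumption: one statement per line, terminated by ';'.
STMT = re.compile(r"^allowkey\s+(\S+)\s+([^;]*);$")


def parse_allowkey(policy_text):
    """Return {domain: set of permission names} for every allowkey statement.

    Raises ValueError on a malformed statement or an unknown letter, so a typo
    cannot silently drop or widen a grant.
    """
    grants = {}
    for lineno, raw in enumerate(policy_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # assumption: '#' starts a comment
        if not line.startswith("allowkey"):
            continue  # other SPDL statements are out of scope here
        m = STMT.match(line)
        if not m:
            raise ValueError(f"line {lineno}: malformed allowkey statement")
        domain, perm_field = m.groups()
        for letter in (p.strip() for p in perm_field.split(",")):
            # Assumption: letters are matched case-insensitively (page prints 'W').
            name = PERMS.get(letter.lower())
            if name is None:
                raise ValueError(f"line {lineno}: unknown permission {letter!r}")
            grants.setdefault(domain, set()).add(name)
    return grants


def modifying_grants(grants):
    """Domains whose keys may be changed (write or setattr), for policy review."""
    return sorted(d for d, p in grants.items() if p & {"write", "setattr"})


# Constructed sample policy fragment (not taken from a real policy).
SAMPLE = """\
allowkey login_t v,r;
allowkey sshd_t v, r, W, t;   # constructed line
allowkey login_t s;
"""

if __name__ == "__main__":
    parsed = parse_allowkey(SAMPLE)
    for domain, perms in sorted(parsed.items()):
        print(domain, sorted(perms))
    print("review:", modifying_grants(parsed))
```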


Yuichi Nakamura 2006-12-27