Next: About this document ...
Up: SPDL Specification ver 2.1.
Previous: 13 Access control for other privileges: allowpriv
Contents
This feature is included in version 2.1 or later.
After Linux 2.6.18, a new feature (the kernel key retention service) is
included. With this feature, each process can obtain keys.
For details of the key retention service, please refer to the kernel document
Document/keys.txt (a copy is available at
http://free-electrons.com/kerneldoc/latest/keys.txt).
allowkey controls access to keys.
This feature is effective only on FC5 or later. CentOS does not have the
kernel key subsystem, so allowkey has no effect there.
- Syntax
allowkey domain permissions;
For permissions, you can use the following.
v: View. View the attributes of a key.
r: Read. Read the contents of a key.
w: Write. Write the contents of a key.
s: Search. Search keyrings.
l: Link. Permit a key or keyring to be linked to.
t: Set Attribute. Set the attributes of a key.
For details of the permissions, see Document/keys.txt.
- Meaning
Allow access to keys retained by domain.
For example,
allowkey login_t v,r;
means that view and read access is allowed to keys obtained by processes
whose domain is login_t.
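The following checker for allowkey statements is an added example, not part of the SPDL tools or the original specification; it validates the syntax and permission letters described above and expands them to their names. The function name `parse_allowkey`, the one-statement-per-line layout, and the choice to flag the write and set-attribute permissions for review are assumptions made for illustration.

```python
import re

# Permission letters and their meanings, as listed in the Syntax section.
KEY_PERMS = {
    "v": "view",
    "r": "read",
    "w": "write",
    "s": "search",
    "l": "link",
    "t": "set attribute",
}

# Assumption: permissions that change a key (contents or attributes) are
# flagged so a policy reviewer can spot them quickly.
MODIFYING = {"w", "t"}

# Assumption: one statement per line, comma-separated lowercase letters,
# terminated by ';' as in "allowkey login_t v,r;".
STATEMENT = re.compile(r"^\s*allowkey\s+(\S+)\s+([^;]*?)\s*;\s*$")


def parse_allowkey(line):
    """Return (domain, [permission names], [warnings]) or raise ValueError."""
    m = STATEMENT.match(line)
    if not m:
        raise ValueError(f"not a well-formed allowkey statement: {line!r}")
    domain, raw = m.group(1), m.group(2)
    names, warnings, seen = [], [], set()
    for letter in (p.strip() for p in raw.split(",")):
        if letter not in KEY_PERMS:
            raise ValueError(f"unknown key permission {letter!r} in {line!r}")
        if letter in seen:
            warnings.append(f"duplicate permission {letter!r}")
            continue
        seen.add(letter)
        names.append(KEY_PERMS[letter])
        if letter in MODIFYING:
            warnings.append(f"{domain}: {KEY_PERMS[letter]} modifies keys")
    return domain, names, warnings


if __name__ == "__main__":
    # Constructed sample statements; the first is the example from the text.
    for stmt in ("allowkey login_t v,r;", "allowkey login_t v,w,v;"):
        print(stmt, "->", parse_allowkey(stmt))
```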
Yuichi Nakamura
2006-12-27