KEYCTL_SETPERM - Online Linux Manual PageSection : 3
Updated : 4 May 2006
Source : Linux
Note : Linux Key Management Calls

NAMEkeyctl_setperm − change the permissions mask on a key

SYNOPSIS#include <keyutils.h> long keyctl_setperm(key_serial_t key, key_perm_t perm);

DESCRIPTION keyctl_setperm() changes the permissions mask on a key. A process that does not have the SysAdmin capability may not change the permissions mask on a key that doesn't have the same UID as the caller. The caller must have setattr permission on a key to be able change its permissions mask. The permissions mask is a bitwise-OR of the following flags: KEY_xxx_VIEW  Grant permission to view the attributes of a key. KEY_xxx_READ  Grant permission to read the payload of a key or to list a keyring. KEY_xxx_WRITE  Grant permission to modify the payload of a key or to add or remove links to/from a keyring. KEY_xxx_SEARCH  Grant permission to find a key or to search a keyring. KEY_xxx_LINK  Grant permission to make links to a key. KEY_xxx_SETATTR  Grant permission to change the ownership and permissions attributes of a key. KEY_xxx_ALL  Grant all the above. The 'xxx' in the above should be replaced by one of: POS  Grant the permission to a process that possesses the key (has it attached searchably to one of the process's keyrings). USR  Grant the permission to a process with the same UID as the key. GRP  Grant the permission to a process with the same GID as the key, or with a match for the key's GID amongst that process's Groups list. OTH  Grant the permission to any other process. Examples include: KEY_POS_VIEW, KEY_USR_READ, KEY_GRP_SEARCH and KEY_OTH_ALL. User, group and other grants are exclusive: if a process qualifies in the 'user' category, it will not qualify in the 'groups' category; and if a process qualifies in either 'user' or 'groups' then it will not qualify in the 'other' category. Possessor grants are cumulative with the grants from the 'user', 'groups' and 'other' categories.

RETURN VALUEOn success keyctl_setperm() returns 0 . On error, the value -1 will be returned and errno will have been set to an appropriate error.

ERRORSENOKEY  The specified key does not exist. EKEYEXPIRED  The specified key has expired. EKEYREVOKED  The specified key has been revoked. EACCES  The named key exists, but does not grant setattr permission to the calling process.

LINKINGThis is a library function that can be found in libkeyutils. When linking, −lkeyutils should be specified to the linker.

SEE ALSOkeyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3), keyrings(7), keyutils(7)
0
Johanes Gumabo
Data Size   :   10,814 byte
man-keyctl_setperm.3Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   3 / 171,010
Visitor ID   :     :  
Visitor IP   :   3.145.44.46   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.