Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754533AbcLQKfC (ORCPT <rfc822;w@1wt.eu>);
        Sat, 17 Dec 2016 05:35:02 -0500
Received: from mail-wj0-f194.google.com ([209.85.210.194]:34644 "EHLO
        mail-wj0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752195AbcLQKfA (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 17 Dec 2016 05:35:00 -0500
Subject: Re: Revised request_key(2) man page for review
To: David Howells <dhowells@redhat.com>
References: <CAKgNAkiOzLwoLN-Kaa3-jHUJuYxp-YcL-5FbCe-pOkxGq_u5-g@mail.gmail.com>
 <528b203d-ac72-e4a6-8517-e8c5c11055a4@gmail.com>
 <23323.1481796656@warthog.procyon.org.uk>
Cc: mtk.manpages@gmail.com, keyrings@vger.kernel.org,
        linux-man <linux-man@vger.kernel.org>,
        Eugene Syromyatnikov <evgsyr@gmail.com>,
        lkml <linux-kernel@vger.kernel.org>
From: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
Message-ID: <00a561ef-34c2-40e0-335d-66d34518ba8d@gmail.com>
Date: Sat, 17 Dec 2016 11:34:55 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <23323.1481796656@warthog.procyon.org.uk>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1483
Lines: 42

Hello David,

On 12/15/2016 11:10 AM, David Howells wrote:
> Michael Kerrisk (man-pages) <mtk.manpages@gmail.com> wrote:
> 
>>>        │Is 'keyring' allowed to be 0? Reading the source, it │
>>>        │appears so.  In this case, by default,  the  key  is │
>>>        │assigned   to   the   session   keyring.   But,  the │
>>>        │KEYCTL_SET_REQKEY_KEYRING  also  seems  to  have  an │
>>>        │influence here.  What are the details here?          │
> 
> Yes, the destination keyring can be 0.  If you don't specify a destination
> keyring, then:
> 
>  (1) If the key is found to already exist, the serial number is returned, but
>      no extra link is made.
> 
>  (2) If an error occurs other than "this key doesn't exist", then you'll just
>      get the error.
> 
>  (3) If we have to construct a new key, this will be attached to the default
>      keyring (as there's no destination keyring to attach to).

Okay. Please take a look at the revised text that I'll send out
after applying Eugene's patch. (Mail in a few minutes.)

>>>            # echo 'create user mtk:* *   /bin/keyctl instantiate %k %c %S' \
>>>                      > /etc/request-keys.conf
> 
> There's a /etc/request-keys.d/ directory now.

Yes, I'm aware. Did you mean I should fix something on this page?

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/