2 .\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
3 .\" Written by David Howells (dhowells@redhat.com)
5 .\" This program is free software; you can redistribute it and/or
6 .\" modify it under the terms of the GNU General Public License
7 .\" as published by the Free Software Foundation; either version
8 .\" 2 of the License, or (at your option) any later version.
10 .TH KEYCTL_SETPERM 3 "4 May 2006" Linux "Linux Key Management Calls"
11 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
13 keyctl_setperm \- Change the permissions mask on a key
14 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
17 .B #include <keyutils.h>
19 .BI "long keyctl_setperm(key_serial_t " key ", key_perm_t " perm ");"
20 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
23 changes the permissions mask on a key.
25 A process that does not have the
27 capability may not change the permissions mask on a key that doesn't have the
28 same UID as the caller.
32 permission on a key to be able change its permissions mask.
34 The permissions mask is a bitwise-OR of the following flags:
37 Grant permission to view the attributes of a key.
40 Grant permission to read the payload of a key or to list a keyring.
43 Grant permission to modify the payload of a key or to add or remove links
47 Grant permission to find a key or to search a keyring.
50 Grant permission to make links to a key.
53 Grant permission to change the ownership and permissions attributes of a key.
60 in the above should be replaced by one of:
63 Grant the permission to a process that possesses the key (has it attached
64 searchably to one of the process's keyrings).
67 Grant the permission to a process with the same UID as the key.
70 Grant the permission to a process with the same GID as the key, or with a
71 match for the key's GID amongst that process's Groups list.
74 Grant the permission to any other process.
77 .BR KEY_POS_VIEW ", " KEY_USR_READ ", " KEY_GRP_SEARCH " and " KEY_OTH_ALL .
79 User, group and other grants are exclusive: if a process qualifies in
80 the 'user' category, it will not qualify in the 'groups' category; and if a
81 process qualifies in either 'user' or 'groups' then it will not qualify in
84 Possessor grants are cumulative with the grants from the 'user', 'groups'
85 and 'other' categories.
86 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
94 will be returned and errno will have been set to an appropriate error.
95 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
99 The specified key does not exist.
102 The specified key has expired.
105 The specified key has been revoked.
108 The named key exists, but does not grant
110 permission to the calling process.
111 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
113 This is a library function that can be found in
117 should be specified to the linker.
118 .\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""