Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 700920eb authored by David Howells's avatar David Howells Committed by James Morris
Browse files

KEYS: Allow special keyrings to be cleared 



The kernel contains some special internal keyrings, for instance the DNS
resolver keyring :

2a93faf1 I-----     1 perm 1f030000     0     0 keyring   .dns_resolver: empty

It would occasionally be useful to allow the contents of such keyrings to be
flushed by root (cache invalidation).

Allow a flag to be set on a keyring to mark that someone possessing the
sysadmin capability can clear the keyring, even without normal write access to
the keyring.

Set this flag on the special keyrings created by the DNS resolver, the NFS
identity mapper and the CIFS identity mapper.

Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Acked-by: default avatarJeff Layton <jlayton@redhat.com>
Acked-by: default avatarSteve Dickson <steved@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 53999bf3
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment