CALL_USERMODEHELPER_(9) Module Support CALL_USERMODEHELPER_(9)NAME
call_usermodehelper_setkeys - set the session keys for usermode helper
SYNOPSIS
void call_usermodehelper_setkeys(struct subprocess_info * info, struct key * session_keyring);
ARGUMENTS
info
a subprocess_info returned by call_usermodehelper_setup
session_keyring
the session keyring for the process
COPYRIGHT Kernel Hackers Manual 2.6. July 2010 CALL_USERMODEHELPER_(9)
Check Out this Related Man Page
PAM_KEYINIT(8) Linux-PAM Manual PAM_KEYINIT(8)NAME
pam_keyinit - Kernel session keyring initialiser module
SYNOPSIS
pam_keyinit.so [debug] [force] [revoke]
DESCRIPTION
The pam_keyinit PAM module ensures that the invoking process has a session keyring other than the user default session keyring.
The session component of the module checks to see if the process's session keyring is the user default, and, if it is, creates a new
anonymous session keyring with which to replace it.
If a new session keyring is created, it will install a link to the user common keyring in the session keyring so that keys common to the
user will be automatically accessible through it.
The session keyring of the invoking process will thenceforth be inherited by all its children unless they override it.
This module is intended primarily for use by login processes. Be aware that after the session keyring has been replaced, the old session
keyring and the keys it contains will no longer be accessible.
This module should not, generally, be invoked by programs like su, since it is usually desirable for the key set to percolate through to
the alternate context. The keys have their own permissions system to manage this.
This module should be included as early as possible in a PAM configuration, so that other PAM modules can attach tokens to the keyring.
The keyutils package is used to manipulate keys more directly. This can be obtained from:
Keyutils [1]
OPTIONS
debug
Log debug information with syslog(3).
force
Causes the session keyring of the invoking process to be replaced unconditionally.
revoke
Causes the session keyring of the invoking process to be revoked when the invoking process exits if the session keyring was created for
this process in the first place.
MODULE TYPES PROVIDED
Only the session module type is provided.
RETURN VALUES
PAM_SUCCESS
This module will usually return this value
PAM_AUTH_ERR
Authentication failure.
PAM_BUF_ERR
Memory buffer error.
PAM_IGNORE
The return value should be ignored by PAM dispatch.
PAM_SERVICE_ERR
Cannot determine the user name.
PAM_SESSION_ERR
This module will return this value if its arguments are invalid or if a system error such as ENOMEM occurs.
PAM_USER_UNKNOWN
User not known.
EXAMPLES
Add this line to your login entries to start each login session with its own session keyring:
session required pam_keyinit.so
This will prevent keys from one session leaking into another session for the same user.
SEE ALSO pam.conf(5), pam.d(5), pam(8)keyctl(1)AUTHOR
pam_keyinit was written by David Howells, <dhowells@redhat.com>.
NOTES
1. Keyutils
http://people.redhat.com/~dhowells/keyutils/
Linux-PAM Manual 04/01/2010 PAM_KEYINIT(8)
Hi all,
I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only.
Regards (6 Replies)
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Hi,
Last 2 weeks I have searched many forums and i haven't found the answer for the question:
How to get all command output to Putty title?
Needed it for other programs to know when some jobs on a server is done and is it done right or wrong. Plink stdout and stdin wasn't working, i used many... (1 Reply)
anyone have any idea how do to this with auth_attr?
I suspect if I grant him
solaris.device.:RO::Device Allocation::help=DevAllocHeader.html
that will work but I'm unsure. Just looking for a second opinion. (10 Replies)
I am looking for a stable, reliable system to replace my current Windows systems in the home. These are simple systems that I purchased from the local Big Box store.
I have heard many good things about Unix and it's various children and it sounds like a good option to me. I have worked... (2 Replies)
We have a lot of scripts using cut as :
cut -c 0-8 --works for cut (GNU coreutils) 5.97, but does not work for cut (GNU coreutils) 8.4.
Gives error -
cut: fields and positions are numbered from 1
Try `cut --help' for more information.
The position needs to start with 1 for later... (6 Replies)
I've got a problem with a proxy configuration. We have an LDAP group that lists all users who are authorised to use the proxy to FTP (usually Filezilla) out to the world, and by implication those not in the group should be denied. My users are delighted that this has been enabled and those that... (9 Replies)
hi folks,
how to using tar with exclude directory and compress it using tar.Z
i only know how to exclude dir only with this command below:
tar -cvf /varios/restore/test.tar -X excludefile.txt /jfma/test1/
how to compress it using 1 command?
Thanx
Please use CODE tags as... (6 Replies)
Hello All,
I had recently learnt a bit of Docker(which provides containerization process).
Here are some of my learning points from it.
Let us start first with very basic question:
What is Docker:
Docker is a platform for sysadmins and developers to DEPLOY, DEVELOP and RUN applications ... (7 Replies)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)
Hello for all,
I am testing the behavior of a 32 bit application running on Solaris 5.10 (SPARC), and realize it reaches 4GB of memory and then crashes.
It doesn't matter the amount of used memory as application is intended to perform many transactions; rather, what I want to achieve is to... (2 Replies)