700920eb5b
The kernel contains some special internal keyrings, for instance the DNS resolver keyring : 2a93faf1 I----- 1 perm 1f030000 0 0 keyring .dns_resolver: empty It would occasionally be useful to allow the contents of such keyrings to be flushed by root (cache invalidation). Allow a flag to be set on a keyring to mark that someone possessing the sysadmin capability can clear the keyring, even without normal write access to the keyring. Set this flag on the special keyrings created by the DNS resolver, the NFS identity mapper and the CIFS identity mapper. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Jeff Layton <jlayton@redhat.com> Acked-by: Steve Dickson <steved@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> |
||
---|---|---|
.. | ||
00-INDEX | ||
apparmor.txt | ||
credentials.txt | ||
keys-ecryptfs.txt | ||
keys-request-key.txt | ||
keys-trusted-encrypted.txt | ||
keys.txt | ||
LSM.txt | ||
SELinux.txt | ||
Smack.txt | ||
tomoyo.txt |