keyctl_move - Man Page

Move a key between keyrings

Synopsis

#include <keyutils.h>

long keyctl_move(key_serial_t key, key_serial_t from_keyring,
                 key_serial_t to_keyring, unsigned int flags);

Description

keyctl_move() atomically unlinks key from from_keyring and links it into to_keyring in a single operation.  Depending on the flags set, a link to any matching key in to_keyring may get displaced.

flags is a bitwise-OR of zero or more of the following flags:

KEYCTL_MOVE_EXCL

If there's a matching key in to_keyring, don't displace it but rather return an error.

The caller must have write permission on both keyring to be able create or remove links in them.

The caller must have link permission on a key to be able to create a new link to it.

Return Value

On success keyctl_move() return 0. On error, the value -1 will be returned and errno will have been set to an appropriate error.

Errors

ENOKEY

The key or one of the keyrings specified are invalid.

ENOKEY

A key with the same type and description is present in to_keyring and KEYCTL_MOVE_EXCL is set.

EKEYEXPIRED

The key or one of the keyrings specified have expired.

EKEYREVOKED

The key or one of the keyrings specified have been revoked.

EACCES

The key exists, but is not linkable by the calling process.

EACCES

The keyrings exist, but are not writable by the calling process.

ENOMEM

Insufficient memory to effect the changes.

EDQUOT

Expanding to_keyring would exceed the keyring owner's quota.

Linking

This is a library function that can be found in libkeyutils. When linking, -lkeyutils should be specified to the linker.

See Also

keyctl(1), add_key(2), keyctl(2), request_key(2), keyctl(3), keyrings(7), keyutils(7)

Referenced By

keyctl(3).

29 May 2019 Linux Key Management Calls