Context Navigation

source: general/genlib/keyutils.xml@ f9a99954

Visit:

trunk

Last change on this file since f9a99954 was a4fa495, checked in by Xi Ruoyao <xry111@…>, 8 weeks ago
mitkrb: Some tests may use keyutils if installed, so they require kernel configuration for keyutils
Property mode set to `100644`
File size: 8.0 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY keyutils-download-http "https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/snapshot/keyutils-&keyutils-version;.tar.gz">
8	<!ENTITY keyutils-download-ftp " ">
9	<!ENTITY keyutils-md5sum "6b70b2b381c1b6d9adfaf66d5d3e7c00">
10	<!ENTITY keyutils-size "136 KB">
11	<!ENTITY keyutils-buildsize "2.6 MB (with tests)">
12	<!ENTITY keyutils-time "less than 0.1 SBU (add 0.4 SBU for tests)">
13	]>
14
15	<sect1 id="keyutils" xreflabel="keyutils-&keyutils-version;">
16	<?dbhtml filename="keyutils.html"?>
17
18
19	<title>keyutils-&keyutils-version;</title>
20
21	<indexterm zone="keyutils">
22	<primary sortas="a-keyutils">keyutils</primary>
23	</indexterm>
24
25	<sect2 role="package">
26	<title>Introduction to keyutils</title>
27
28	<para>
29	<application>Keyutils</application> is a set of utilities for managing
30	the key retention facility in the kernel, which can be used by
31	filesystems, block devices and more to gain and retain the authorization
32	and encryption keys required to perform secure operations.
33	</para>
34
35	&lfs121_checked;
36
37	<bridgehead renderas="sect3">Package Information</bridgehead>
38	<itemizedlist spacing="compact">
39	<listitem>
40	<para>
41	Download (HTTP): <ulink url="&keyutils-download-http;"/>
42	</para>
43	</listitem>
44	<listitem>
45	<para>
46	Download (FTP): <ulink url="&keyutils-download-ftp;"/>
47	</para>
48	</listitem>
49	<listitem>
50	<para>
51	Download MD5 sum: &keyutils-md5sum;
52	</para>
53	</listitem>
54	<listitem>
55	<para>
56	Download size: &keyutils-size;
57	</para>
58	</listitem>
59	<listitem>
60	<para>
61	Estimated disk space required: &keyutils-buildsize;
62	</para>
63	</listitem>
64	<listitem>
65	<para>
66	Estimated build time: &keyutils-time;
67	</para>
68	</listitem>
69	</itemizedlist>
70
71	<bridgehead renderas="sect3">Keyutils Dependencies</bridgehead>
72
73	<bridgehead renderas="sect4">Optional</bridgehead>
74	<para role="optional">
75	<xref linkend="lsb-tools"/> (referred by the test suite)
76	</para>
77	</sect2>
78
79	<sect2 role="kernel" id="keyutils-test-kernel"
80	xreflabel="Keyutils Kernel Configuration">
81	<title>Kernel Configuration</title>
82
83	<para>
84	If running the test suite, some tests needs the following kernel
85	features enabled:
86	</para>
87
88	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
89	href="keyutils-test-kernel.xml"/>
90
91	<indexterm zone="keyutils keyutils-test-kernel">
92	<primary sortas="d-keyutils">keyutils (testing)</primary>
93	</indexterm>
94	</sect2>
95	<sect2 role="installation">
96	<title>Installation of keyutils</title>
97
98	<para>
99	Install <application>keyutils</application> by running the following
100	commands:
101	</para>
102
103	<screen><userinput>make</userinput></screen>
104
105	<para>
106	Now, as the <systemitem class="username">root</systemitem> user:
107	</para>
108
109	<screen role="root"><userinput>make NO_ARLIB=1 LIBDIR=/usr/lib BINDIR=/usr/bin SBINDIR=/usr/sbin install</userinput></screen>
110
111	<para>
112	The test suite can only run after installing this package.
113	To test the results, issue, as the
114	<systemitem class="username">root</systemitem> user:
115	</para>
116
117	<screen role="root" remap="test"><userinput>make -k test</userinput></screen>
118
119	<para>
120	If <xref linkend='lsb-tools'/> is not installed, the test suite will
121	output some lines complaining the <command>lsb_release</command>
122	command not available but it won't affect the test result. One test
123	named <literal>TRY ADDING ASYMMETRIC KEYS</literal> is known to fail
124	due to the removal of the support for SHA1 with RSA signature
125	algorithm from Linux kernel version 6.7 <!-- commit 16ab7cb5825f -->
126	or newer.
127	</para>
128
129	</sect2>
130
131	<sect2 role="commands">
132	<title>Command Explanations</title>
133
134	<!--
135	<para>
136	<command>sed ... Makefile</command>: This command ensures the pkgconfig
137	file is placed in the correct directory.
138	</para>
139
140	<para>
141	<command>sed ... tests/toolbox.inc.sh</command>: In LFS, GCC has been
142	configured with <option>- -enable-default-pie</option> so
143	<command>/usr/bin/bash</command> is a PIE, but the test script does
144	not anticipate it. Fix this oversight so the test can run on a LFS
145	system.
146	</para>
147	-->
148
149	<para>
150	<parameter>NO_ARLIB=1</parameter>: This make flag disables installing the
151	static library.
152	</para>
153
154	</sect2>
155
156	<sect2 role="configuration">
157	<title>Configuring keyutils</title>
158
159	<sect3 id="keyutils-config">
160	<title>Config Files</title>
161
162	<para>
163	<filename>/etc/request-key.conf</filename> and
164	<filename>/etc/request-key.d/*</filename>
165	</para>
166
167	<indexterm zone="keyutils keyutils-config">
168	<primary sortas="e-etc-request-key.conf">/etc/request-key.conf</primary>
169	</indexterm>
170
171	<indexterm zone="keyutils keyutils-config">
172	<primary sortas="e-etc-request-key.d">/etc/request-key.d/*</primary>
173	</indexterm>
174
175	</sect3>
176
177	</sect2>
178
179	<sect2 role="content">
180	<title>Contents</title>
181
182	<segmentedlist>
183	<segtitle>Installed Programs</segtitle>
184	<segtitle>Installed Library</segtitle>
185	<segtitle>Installed Directory</segtitle>
186
187	<seglistitem>
188	<seg>keyctl, key.dns_resolver, and request-key</seg>
189	<seg>libkeyutils.so</seg>
190	<seg>/etc/keyutils,
191	/etc/request-key.d,
192	and /usr/share/keyutils</seg>
193	</seglistitem>
194	</segmentedlist>
195
196	<variablelist>
197	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
198	<?dbfo list-presentation="list"?>
199	<?dbhtml list-presentation="table"?>
200
201	<varlistentry id="keyctl">
202	<term><command>keyctl</command></term>
203	<listitem>
204	<para>
205	controls the key management facility with a variety of subcommands
206	</para>
207	<indexterm zone="keyutils keyctl">
208	<primary sortas="b-keyctl">keyctl</primary>
209	</indexterm>
210	</listitem>
211	</varlistentry>
212
213	<varlistentry id="key.dns_resolver">
214	<term><command>key.dns_resolver</command></term>
215	<listitem>
216	<para>
217	is invoked by <command>request-key</command> on behalf of the
218	kernel when kernel services (such as NFS, CIFS and AFS) need to
219	perform a hostname lookup and the kernel does not have the key
220	cached. It is not ordinarily intended to be called directly
221	</para>
222	<indexterm zone="keyutils key.dns_resolver">
223	<primary sortas="b-key.dns_resolver">key.dns_resolver</primary>
224	</indexterm>
225	</listitem>
226	</varlistentry>
227
228	<varlistentry id="request-key">
229	<term><command>request-key</command></term>
230	<listitem>
231	<para>
232	is invoked by the kernel when the kernel is asked for a key that it
233	doesn't have immediately available. The kernel creates a temporary
234	key and then calls out to this program to instantiate it. It is
235	not intended to be called directly
236	</para>
237	<indexterm zone="keyutils request-key">
238	<primary sortas="b-request-keyt-key">request-key</primary>
239	</indexterm>
240	</listitem>
241	</varlistentry>
242
243	<varlistentry id="libkeyutils">
244	<term><filename class="libraryfile">libkeyutils.so</filename></term>
245	<listitem>
246	<para>
247	contains the keyutils library API instantiation
248	</para>
249	<indexterm zone="keyutils libkeyutils">
250	<primary sortas="c-libkeyutils">libkeyutils.so</primary>
251	</indexterm>
252	</listitem>
253	</varlistentry>
254
255	</variablelist>
256
257	</sect2>
258
259	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: