keyutils historical version 1.2

- Remove syscall manual pages (section 2) to man-pages package [BZ 203582]
- Don't write to serial port in debugging script
- Call ldconfig during (un)installation.

6 files changed, 25 insertions, 467 deletions

diff --git a/Makefile b/Makefile
index 51f94d7..202c169 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ CFLAGS		:= -g -O2 -Wall
 INSTALL		:= install
 DESTDIR		:=
 MAJOR		:= 1
-MINOR		:= 1
+MINOR		:= 2
 VERSION		:= $(MAJOR).$(MINOR)
 NO_GLIBC_KEYERR	:= 0
 NO_GLIBC_KEYSYS	:= 0
@@ -80,7 +80,6 @@ request-key: request-key.c keyutils.h Makefile
 
 
 MAN1	:= $(DESTDIR)/usr/share/man/man1
-MAN2	:= $(DESTDIR)/usr/share/man/man2
 MAN3	:= $(DESTDIR)/usr/share/man/man3
 MAN5	:= $(DESTDIR)/usr/share/man/man5
 MAN8	:= $(DESTDIR)/usr/share/man/man8
@@ -98,9 +97,6 @@ endif
 	$(INSTALL) -D request-key-debug.sh $(DESTDIR)$(SHAREDIR)/request-key-debug.sh
 	$(INSTALL) -D -m 0644 request-key.conf $(DESTDIR)$(ETCDIR)/request-key.conf
 	$(INSTALL) -D -m 0644 keyctl.1 $(MAN1)/keyctl.1
-	$(INSTALL) -D -m 0644 add_key.2 $(MAN2)/add_key.2
-	$(INSTALL) -D -m 0644 keyctl.2 $(MAN2)/keyctl.2
-	$(INSTALL) -D -m 0644 request_key.2 $(MAN2)/request_key.2
 	$(INSTALL) -D -m 0644 keyctl_chown.3 $(MAN3)/keyctl_chown.3
 	$(INSTALL) -D -m 0644 keyctl_clear.3 $(MAN3)/keyctl_clear.3
 	$(INSTALL) -D -m 0644 keyctl_describe.3 $(MAN3)/keyctl_describe.3
diff --git a/add_key.2 b/add_key.2
deleted file mode 100644
index e713f00..0000000
--- a/add_key.2
+++ /dev/null
@@ -1,137 +0,0 @@
-.\"
-.\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
-.\" Written by David Howells (dhowells@redhat.com)
-.\"
-.\" This program is free software; you can redistribute it and/or
-.\" modify it under the terms of the GNU General Public License
-.\" as published by the Free Software Foundation; either version
-.\" 2 of the License, or (at your option) any later version.
-.\"
-.TH ADD_KEY 2 "4 May 2006" Linux "Linux Key Management Calls"
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH NAME
-add_key \- Add a key to the kernel's key management facility
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH SYNOPSIS
-.nf
-.B #include <keyutils.h>
-.sp
-.BI "key_serial_t add_key(const char *" type ", const char *" description ,
-.BI "const void *" payload ", size_t " plen ", key_serial_t " keyring ");"
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH DESCRIPTION
-.BR add_key ()
-asks the kernel to create or update a key of the given
-.I type
-and
-.IR description ,
-instantiate it with the
-.I payload
-of length
-.IR plen ,
-and to attach it to the nominated
-.I keyring
-and to return its serial number.
-.P
-The key type may reject the data if it's in the wrong format or in some other
-way invalid.
-.P
-If the destination
-.I keyring
-already contains a key that matches the specified
-.IR type " and " description
-then, if the key type supports it, that key will be updated rather than a new
-key being created; if not, a new key will be created and it will displace the
-link to the extant key from the keyring.
-.P
-The destination
-.I keyring
-serial number may be that of a valid keyring to which the caller has write
-permission, or it may be a special keyring ID:
-.TP
-.B KEY_SPEC_THREAD_KEYRING
-This specifies the caller's thread-specific keyring.
-.TP
-.B KEY_SPEC_PROCESS_KEYRING
-This specifies the caller's process-specific keyring.
-.TP
-.B KEY_SPEC_SESSION_KEYRING
-This specifies the caller's session-specific keyring.
-.TP
-.B KEY_SPEC_USER_KEYRING
-This specifies the caller's UID-specific keyring.
-.TP
-.B KEY_SPEC_USER_SESSION_KEYRING
-This specifies the caller's UID-session keyring.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH KEY TYPES
-There are a number of key types available in the core key management code, and
-these can be specified to this function:
-.TP
-.B \*(lquser\*(rq
-Keys of the user-defined key type may contain a blob of arbitrary data, and the
-.I description
-may be any valid string, though it is preferred that the description be
-prefixed with a string representing the service to which the key is of interest
-and a colon (for instance
-.RB \*(lq afs:mykey \*(rq).
-The
-.I payload
-may be empty or
-.B NULL
-for keys of this type.
-.TP
-.B \*(lqkeyring\*(rq
-Keyrings are special key types that may contain links to sequences of other
-keys of any type.  If this interface is used to create a keyring, then a
-.B NULL
-.I payload
-should be specified, and
-.I plen
-should be zero.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH RETURN VALUE
-On success
-.BR add_key ()
-returns the serial number of the key it created or updated.
-On error, the value
-.B -1
-will be returned and errno will have been set to an appropriate error.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH ERRORS
-.TP
-.B ENOKEY
-The keyring doesn't exist.
-.TP
-.B EKEYEXPIRED
-The keyring has expired.
-.TP
-.B EKEYREVOKED
-The keyring has been revoked.
-.TP
-.B EINVAL
-The payload data was invalid.
-.TP
-.B ENOMEM
-Insufficient memory to create a key.
-.TP
-.B EDQUOT
-The key quota for this user would be exceeded by creating this key or linking
-it to the keyring.
-.TP
-.B EACCES
-The keyring wasn't available for modification by the user.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH LINKING
-Although this is a Linux system call, it is not present in
-.I libc
-but can be found rather in
-.IR libkeyutils .
-When linking,
-.B -lkeyutils
-should be specified to the linker.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH SEE ALSO
-.BR keyctl (1),
-.BR keyctl (2),
-.BR request_key (2)
diff --git a/keyctl.2 b/keyctl.2
deleted file mode 100644
index 9769b16..0000000
--- a/keyctl.2
+++ /dev/null
@@ -1,166 +0,0 @@
-.\"
-.\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
-.\" Written by David Howells (dhowells@redhat.com)
-.\"
-.\" This program is free software; you can redistribute it and/or
-.\" modify it under the terms of the GNU General Public License
-.\" as published by the Free Software Foundation; either version
-.\" 2 of the License, or (at your option) any later version.
-.\"
-.TH KEYCTL 2 "4 May 2006" Linux "Linux Key Management Calls"
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH NAME
-keyctl \- Manipulate the kernel's key management facility
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH SYNOPSIS
-.nf
-.B #include <keyutils.h>
-.sp
-.BI "long keyctl(int " cmd ", ...);"
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH DESCRIPTION
-.BR keyctl ()
-has a number of functions available:
-.TP
-.B KEYCTL_GET_KEYRING_ID	
-Ask for a keyring's ID.
-.TP
-.B KEYCTL_JOIN_SESSION_KEYRING	
-Join or start named session keyring.
-.TP
-.B KEYCTL_UPDATE			
-Update a key.
-.TP
-.B KEYCTL_REVOKE			
-Revoke a key.
-.TP
-.B KEYCTL_CHOWN			
-Set ownership of a key.
-.TP
-.B KEYCTL_SETPERM			
-Set perms on a key.
-.TP
-.B KEYCTL_DESCRIBE			
-Describe a key.
-.TP
-.B KEYCTL_CLEAR			
-Clear contents of a keyring.
-.TP
-.B KEYCTL_LINK			
-Link a key into a keyring.
-.TP
-.B KEYCTL_UNLINK			
-Unlink a key from a keyring.
-.TP
-.B KEYCTL_SEARCH			
-Search for a key in a keyring.
-.TP
-.B KEYCTL_READ			
-Read a key or keyring's contents.
-.TP
-.B KEYCTL_INSTANTIATE		
-Instantiate a partially constructed key.
-.TP
-.B KEYCTL_NEGATE			
-Negate a partially constructed key.
-.TP
-.B KEYCTL_SET_REQKEY_KEYRING	
-Set default request-key keyring.
-.TP
-.B KEYCTL_SET_TIMEOUT		
-Set timeout on a key.
-.TP
-.B KEYCTL_ASSUME_AUTHORITY		
-Assume authority to instantiate key.
-.P
-These are wrapped by
-.B libkeyutils
-into individual functions to permit compiler the compiler to check types.
-See the
-.B See Also
-section at the bottom.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH RETURN VALUE
-On success
-.BR keyctl ()
-returns the serial number of the key it found.
-On error, the value
-.B -1
-will be returned and errno will have been set to an appropriate error.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH ERRORS
-.TP
-.B ENOKEY
-No matching key was found or an invalid key was specified.
-.TP
-.B EKEYEXPIRED
-An expired key was found or specified.
-.TP
-.B EKEYREVOKED
-A revoked key was found or specified.
-.TP
-.B EKEYREJECTED
-A rejected key was found or specified.
-.TP
-.B EDQUOT
-The key quota for the caller's user would be exceeded by creating a key or
-linking it to the keyring.
-.TP
-.B EACCES
-A key operation wasn't permitted.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH LINKING
-Although this is a Linux system call, it is not present in
-.I libc
-but can be found rather in
-.IR libkeyutils .
-When linking,
-.B -lkeyutils
-should be specified to the linker.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH SEE ALSO
-.BR keyctl (1),
-.br
-.BR add_key (2),
-.br
-.BR request_key (2),
-.br
-.BR keyctl_get_keyring_ID (3),
-.br
-.BR keyctl_join_session_keyring (3),
-.br
-.BR keyctl_update (3),
-.br
-.BR keyctl_revoke (3),
-.br
-.BR keyctl_chown (3),
-.br
-.BR keyctl_setperm (3),
-.br
-.BR keyctl_describe (3),
-.br
-.BR keyctl_clear (3),
-.br
-.BR keyctl_link (3),
-.br
-.BR keyctl_unlink (3),
-.br
-.BR keyctl_search (3),
-.br
-.BR keyctl_read (3),
-.br
-.BR keyctl_instantiate (3),
-.br
-.BR keyctl_negate (3),
-.br
-.BR keyctl_set_reqkey_keyring (3),
-.br
-.BR keyctl_set_timeout (3),
-.br
-.BR keyctl_assume_authority (3),
-.br
-.BR keyctl_describe_alloc (3),
-.br
-.BR keyctl_read_alloc (3),
-.br
-.BR request-key (8)
diff --git a/keyutils.spec b/keyutils.spec
index a68a103..4abec01 100644
--- a/keyutils.spec
+++ b/keyutils.spec
@@ -1,12 +1,12 @@
 %define vermajor 1
-%define version %{vermajor}.1
+%define version %{vermajor}.2
 %define libdir /%{_lib}
 %define usrlibdir %{_prefix}/%{_lib}
 
 Summary: Linux Key Management Utilities
 Name: keyutils
 Version: %{version}
-Release: 3%{?dist}
+Release: 1%{?dist}
 License: GPL/LGPL
 Group: System Environment/Base
 ExclusiveOS: Linux
@@ -62,6 +62,9 @@ make \
 %clean
 rm -rf $RPM_BUILD_ROOT
 
+%post libs -p /sbin/ldconfig
+%postun libs -p /sbin/ldconfig
+
 %files
 %defattr(-,root,root,-)
 %doc README LICENCE.GPL
@@ -83,10 +86,16 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(-,root,root,-)
 %{usrlibdir}/libkeyutils.so
 %{_includedir}/*
-%{_mandir}/man2/*
 %{_mandir}/man3/*
 
 %changelog
+* Tue Aug 22 2006 David Howells <dhowells@redhat.com> - 1.2-1
+- Remove syscall manual pages (section 2) to man-pages package [BZ 203582]
+- Don't write to serial port in debugging script
+
+* Mon Jun 5 2006 David Howells <dhowells@redhat.com> - 1.1-4
+- Call ldconfig during (un)installation.
+
 * Fri May 5 2006 David Howells <dhowells@redhat.com> - 1.1-3
 - Don't include the release number in the shared library filename
 - Don't build static library
diff --git a/request-key-debug.sh b/request-key-debug.sh
index ece42a4..83af01d 100755
--- a/request-key-debug.sh
+++ b/request-key-debug.sh
@@ -16,21 +16,18 @@
 # Call: request-key-debug.sh <keyid> <desc> <callout> <session-keyring>
 #
 
-{
-    echo RQDebug keyid: $1
-    echo RQDebug desc: $2
-    echo RQDebug callout: $3
-    echo RQDebug session keyring: $4
+echo RQDebug keyid: $1
+echo RQDebug desc: $2
+echo RQDebug callout: $3
+echo RQDebug session keyring: $4
 
-    if [ "$3" != "neg" ]
-	then
-	keyctl instantiate $1 "Debug $3" $4 || exit 1
-    else
-	cat /proc/keys
-	echo keyctl negate $1 30 $4
-	keyctl negate $1 30 $4
-    fi
-
-} >&/dev/ttyS0
+if [ "$3" != "neg" ]
+then
+    keyctl instantiate $1 "Debug $3" $4 || exit 1
+else
+    cat /proc/keys
+    echo keyctl negate $1 30 $4
+    keyctl negate $1 30 $4
+fi
 
 exit 0
diff --git a/request_key.2 b/request_key.2
deleted file mode 100644
index aeb5110..0000000
--- a/request_key.2
+++ /dev/null
@@ -1,141 +0,0 @@
-.\"
-.\" Copyright (C) 2006 Red Hat, Inc. All Rights Reserved.
-.\" Written by David Howells (dhowells@redhat.com)
-.\"
-.\" This program is free software; you can redistribute it and/or
-.\" modify it under the terms of the GNU General Public License
-.\" as published by the Free Software Foundation; either version
-.\" 2 of the License, or (at your option) any later version.
-.\"
-.TH REQUEST_KEY 2 "4 May 2006" Linux "Linux Key Management Calls"
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH NAME
-request_key \- Request a key from the kernel's key management facility
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH SYNOPSIS
-.nf
-.B #include <keyutils.h>
-.sp
-.BI "key_serial_t request_key(const char *" type ", const char *" description ,
-.BI "const char *" callout_info ", key_serial_t " keyring ");"
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH DESCRIPTION
-.BR request_key ()
-asks the kernel to find a key of the given
-.I type
-that matches the specified
-.I description
-and, if successful, to attach it to the nominated
-.I keyring
-and to return its serial number.
-.P
-.BR request_key ()
-first recursively searches all the keyrings attached to the calling process in
-the order thread-specific keyring, process-specific keyring and then session
-keyring for a matching key.
-.P
-If
-.BR request_key ()
-is called from a program invoked by
-.BR request_key ()
-on behalf of some other process to generate a key, then the keyrings of that
-other process will be searched next, using that other process's UID, GID,
-groups and security context to control access.
-.P
-The keys in each keyring searched are checked for a match before any child
-keyrings are recursed into.  Only keys that are
-.B searchable
-for the caller may be found, and only
-.B searchable
-keyrings may be searched.
-.P
-If the key is not found then, if
-.I callout_info
-is set, this function will attempt to look further afield.  In such a case, the
-.I callout_info
-is passed to a userspace service such as
-.B /sbin/request\-key
-to generate the key.
-.P
-If that is unsuccessful also, then an error will be returned, and a temporary
-negative key will be installed in the nominated
-.IR keyring .
-This will expire after a few seconds, but will cause subsequent
-calls to
-.BR request_key ()
-to fail until it does.
-.P
-The
-.I keyring
-serial number may be that of a valid keyring to which the caller has write
-permission, or it may be a special keyring ID:
-.TP
-.B KEY_SPEC_THREAD_KEYRING
-This specifies the caller's thread-specific keyring.
-.TP
-.B KEY_SPEC_PROCESS_KEYRING
-This specifies the caller's process-specific keyring.
-.TP
-.B KEY_SPEC_SESSION_KEYRING
-This specifies the caller's session-specific keyring.
-.TP
-.B KEY_SPEC_USER_KEYRING
-This specifies the caller's UID-specific keyring.
-.TP
-.B KEY_SPEC_USER_SESSION_KEYRING
-This specifies the caller's UID-session keyring.
-.P
-If a key is created, no matter whether it's a valid key or a negative key, it
-will displace any other key of the same type and description from the
-destination
-.IR keyring .
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH RETURN VALUE
-On success
-.BR request_key ()
-returns the serial number of the key it found.
-On error, the value
-.B -1
-will be returned and errno will have been set to an appropriate error.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH ERRORS
-.TP
-.B ENOKEY
-No matching key was found.
-.TP
-.B EKEYEXPIRED
-An expired key was found, but no replacement could be obtained.
-.TP
-.B EKEYREVOKED
-A revoked key was found, but no replacement could be obtained.
-.TP
-.B EKEYREJECTED
-The attempt to generate a new key was rejected.
-.TP
-.B ENOMEM
-Insufficient memory to create a key.
-.TP
-.B EINTR
-The request was interrupted by a signal.
-.TP
-.B EDQUOT
-The key quota for this user would be exceeded by creating this key or linking
-it to the keyring.
-.TP
-.B EACCES
-The keyring wasn't available for modification by the user.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH LINKING
-Although this is a Linux system call, it is not present in
-.I libc
-but can be found rather in
-.IR libkeyutils .
-When linking,
-.B -lkeyutils
-should be specified to the linker.
-.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
-.SH SEE ALSO
-.BR keyctl (1),
-.BR add_key (2),
-.BR keyctl (2),
-.BR request-key (8)