handle key instantiation callback requests from the ker‐ nel
This program is invoked by the kernel when the kernel is asked for a key that it doesn't have immediately available. The kernel creates a partially set up key and then calls out to this program to instantiate it. It is not intended to be called directly. However, for debugging purposes, it can be given some options on the command line: -d Turn on debugging mode. In this mode, no attempts are made to access any keys and, if a handler program is selected, it won't be executed; instead, this program will print a message and exit 0. -D In debugging mode, use the proposed key description specified with this rather than the sample ("user;0;0;1f0000;debug:1234") built into the program. -l Use configuration from the current directory. The program will use request-key.d/* and request-key.conf from the current direc‐ tory rather than from /etc. -n Don't log to the system log. Ordinarily, error messages and de‐ bugging messages will be copied to the system log - this will prevent that. -v Turn on debugging output. This may be specified multiple times to produce increasing levels of verbosity. --version Print the program version and exit.
All errors will be logged to the syslog.
/etc/request-key.d/*.conf Individual configuration files. /etc/request-key.conf Fallback configuration file.
keyctl(1), request-key.conf(5), keyrings(7)