NAME         top

       keyctl_restrict_keyring  -  restrict  keys  that  may  be linked to a

SYNOPSIS         top

       #include <keyutils.h>

       long keyctl_restrict_keyring(key_serial_t keyring,
       const char *type, const char *restriction);

DESCRIPTION         top

       keyctl_restrict_keyring() limits the linkage of keys to the given
       keyring using a provided key type and restriction scheme. The
       available options vary depending on the key type, and typically
       contain a restriction name possibly followed by key ids or other data
       relevant to the restriction. If the type and restriction are both
       NULL, the keyring will reject all links.

RETURN VALUE         top

       On success keyctl_restrict_keyring() returns 0.  On error, the value
       -1 will be returned and errno will have been set to an appropriate

ERRORS         top

              A restriction cycle was avoided. Two keyrings cannot restrict
              each other.

       EEXIST The keyring is already restricted.

       EINVAL The restriction string is invalid or too large.

       ENOKEY The key type in the restriction is invalid or not available.

              The provided key id references an item that is not a keyring.

       ENOENT The key type exists but does not support restrictions.

LINKING         top

       This is a library function that can be found in libkeyutils.  When
       linking, -lkeyutils should be specified to the linker.

SEE ALSO         top

       keyctl(1), keyctl(2), keyctl(3), keyutils(7)

COLOPHON         top

       This page is part of the keyutils (key management utilities) project.
       Information about the project can be found at [unknown -- if you
       know, please contact] If you have a bug report for
       this manual page, send it to  This page was
       obtained from the project's upstream Git repository
       on 2018-10-29.  (At that time, the date of the most recent commit
       that was found in the repository was 2018-08-21.)  If you discover
       any rendering problems in this HTML version of the page, or you
       believe there is a better or more up-to-date source for the page, or
       you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a mail

Linux                            28 Feb 2017      KEYCTL_RESTRICT_KEYRING(3)

Pages that refer to this page: keyctl(3)