keyutils-1.6.1
Introduction to keyutils
Keyutils is a set of utilities for
managing the key retention facility in the kernel, which can be
used by filesystems, block devices and more to gain and retain the
authorization and encryption keys required to perform secure
operations.
This package is known to build and work properly using an LFS-10.1
platform.
Package Information
keyutils Dependencies
Required
MIT Kerberos V5-1.19.1
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/keyutils
Installation of keyutils
Install keyutils by running the
following commands:
sed -i 's:$(LIBDIR)/$(PKGCONFIG_DIR):/usr/lib/pkgconfig:' Makefile &&
make
To test the results, issue, as the root
user:
sed -i '/find/s:/usr/bin/::' tests/Makefile &&
make -k test
Note that several tests will fail if certain uncommon kernel
options were not used when the kernel was built. These include
CONFIG_BIG_KEYS, CONFIG_KEY_DH_OPERATIONS, and CONFIG_CRYPTO_DH.
Now, as the root
user:
make NO_ARLIB=1 install
Command Explanations
sed ... Makefile:
This command ensures the pkgconfig file is placed in the correct
directory.
NO_ARLIB=1
: This make flag
disables installing the static library.
Configuring keyutils
Config Files
/etc/request-key.conf
and
/etc/request-key.d/*
Contents
Installed Programs:
keyctl, key.dns_resolver, and
request-key
Installed Library:
libkeyutils.so
Installed Directory:
/etc/request-key.d and
/usr/share/keyutils
Short Descriptions
keyctl
|
controls the key management facility with a variety of
subcommands
|
key.dns_resolver
|
is invoked by request-key on behalf
of the kernel when kernel services (such as NFS, CIFS and
AFS) need to perform a hostname lookup and the kernel
does not have the key cached. It is not ordinarily
intended to be called directly
|
request-key
|
is invoked by the kernel when the kernel is asked for a
key that it doesn't have immediately available. The
kernel creates a temporary key and then calls out to this
program to instantiate it. It is not intended to be
called directly
|
libkeyutils.so
|
contains the keyutils library API instantiation
|
Last updated on 2021-02-19 22:13:48 -0800