Provided by: keyutils_1.5.9-10_amd64 bug

NAME

       user-keyring - Per-user keyring

DESCRIPTION

       The  user  keyring  is  a  keyring  used to anchor keys on behalf of a user.  Each UID the
       kernel deals with has its own user keyring.  This keyring is associated  with  the  record
       that  the  kernel  maintains  for  the  UID and, once created, is retained as long as that
       record persists.  It is shared amongst all processes of that UID.

       The user keyring is created on demand when a thread requests it.  Normally,  this  happens
       when pam_keyinit is invoked when a user logs in.

       The user keyring is not searched by default by request_key().  When the pam_keyinit module
       creates a session keyring, it adds to it a link to the  user  keyring  so  that  the  user
       keyring will be searched when the session keyring is.

       A  special serial number value, KEY_SPEC_USER_KEYRING, is defined that can be used in lieu
       of the calling process's user keyring's actual serial number.

       From the keyctl utility, '@u' can be used instead of a numeric key ID  in  much  the  same
       way.

       User  keyrings  are independent of clone(), fork(), vfork(), execve() and exit() excepting
       that the keyring is destroyed when the UID record  is  destroyed  when  the  last  process
       pinning it exits.

       If  it  necessary to for a key associated with a user to exist beyond the UID record being
       garbage collected - for example for use by a cron script -  then  the  persistent  keyring
       should be used instead.

       If a user keyring does not exist when it is accessed, it will be created.

SEE ALSO

       keyctl(1),
       keyctl(3),
       keyrings(7),
       pam_keyinit(8),
       process-keyring(7),
       session-keyring(7),
       thread-keyring(7),
       user-session-keyring(7),
       persistent-keyring(7)