diff options
author | Philipp Hahn <hahn@univention.de> | 2018-02-19 12:39:01 +0300 |
---|---|---|
committer | Jonathan Corbet <corbet@lwn.net> | 2018-02-23 18:04:21 +0300 |
commit | dddc7231b9ee253c9e7d23a3bd9d1e3b55613dcb (patch) | |
tree | 56e60761198186c6f9ce92be1d582f62c9a6f2c8 /Documentation | |
parent | fcdf1df2032c6f12f86d71feef29cf1cfbcee758 (diff) | |
download | linux-dddc7231b9ee253c9e7d23a3bd9d1e3b55613dcb.tar.xz |
doc: Rename .system_keyring to .builtin_trusted_keys
Commit d3bfe84129f65e0af2450743ebdab33d161d01c9 changed the name but did
not update the documentation.
Fixes: d3bfe84129f65e0af2450743ebdab33d161d01c9
Signed-off-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/admin-guide/module-signing.rst | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/Documentation/admin-guide/module-signing.rst b/Documentation/admin-guide/module-signing.rst index 27e59498b487..62e389fdcb86 100644 --- a/Documentation/admin-guide/module-signing.rst +++ b/Documentation/admin-guide/module-signing.rst @@ -180,11 +180,11 @@ Public keys in the kernel ========================= The kernel contains a ring of public keys that can be viewed by root. They're -in a keyring called ".system_keyring" that can be seen by:: +in a keyring called ".builtin_trusted_keys" that can be seen by:: [root@deneb ~]# cat /proc/keys ... - 223c7853 I------ 1 perm 1f030000 0 0 keyring .system_keyring: 1 + 223c7853 I------ 1 perm 1f030000 0 0 keyring .builtin_trusted_keys: 1 302d2d52 I------ 1 perm 1f010000 0 0 asymmetri Fedora kernel signing key: d69a84e6bce3d216b979e9505b3e3ef9a7118079: X509.RSA a7118079 [] ... @@ -197,15 +197,15 @@ add those in also (e.g. from the UEFI key database). Finally, it is possible to add additional public keys by doing:: - keyctl padd asymmetric "" [.system_keyring-ID] <[key-file] + keyctl padd asymmetric "" [.builtin_trusted_keys-ID] <[key-file] e.g.:: keyctl padd asymmetric "" 0x223c7853 <my_public_key.x509 Note, however, that the kernel will only permit keys to be added to -``.system_keyring _if_`` the new key's X.509 wrapper is validly signed by a key -that is already resident in the .system_keyring at the time the key was added. +``.builtin_trusted_keys _if_`` the new key's X.509 wrapper is validly signed by a key +that is already resident in the .builtin_trusted_keys at the time the key was added. ======================== |