MCPcopy
hub / github.com/opencontainers/runc / ModKeyringPerm

Function ModKeyringPerm

libcontainer/keys/keyctl.go:26–46  ·  view source on GitHub ↗

ModKeyringPerm modifies permissions on a keyring by reading the current permissions, anding the bits with the given mask (clearing permissions) and setting additional permission bits

(ringID KeySerial, mask, setbits uint32)

Source from the content-addressed store, hash-verified

24// anding the bits with the given mask (clearing permissions) and setting
25// additional permission bits
26func ModKeyringPerm(ringID KeySerial, mask, setbits uint32) error {
27 dest, err := unix.KeyctlString(unix.KEYCTL_DESCRIBE, int(ringID))
28 if err != nil {
29 return err
30 }
31
32 res := strings.Split(dest, ";")
33 if len(res) < 5 {
34 return errors.New("Destination buffer for key description is too small")
35 }
36
37 // parse permissions
38 perm64, err := strconv.ParseUint(res[3], 16, 32)
39 if err != nil {
40 return err
41 }
42
43 perm := (uint32(perm64) & mask) | setbits
44
45 return unix.KeyctlSetperm(int(ringID), perm)
46}

Callers 1

InitMethod · 0.92

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…