29 May 2019
keyctl_move - Move a key between keyrings
long keyctl_move(key_serial_t key, key_serial_t from_keyring,
key_serial_t to_keyring, unsigned int flags);
keyctl_move() atomically unlinks key from from_keyring and links it into to_keyring in a single operation. Depending on the flags set, a link to any matching key in to_keyring may get displaced.
The caller must have write permission on both keyring to be able create or remove links in them.
flags is a bitwise-OR of zero or more of the following flags:
|If there’s a matching key in to_keyring, don’t displace it but rather return an error.|
The caller must have link permission on a key to be able to create a new link to it.
On success keyctl_move() return 0. On error, the value -1 will be returned and errno will have been set to an appropriate error.
|ENOKEY||The key or one of the keyrings specified are invalid.|
|ENOKEY||A key with the same type and description is present in to_keyring and KEYCTL_MOVE_EXCL is set.|
|The key or one of the keyrings specified have expired.|
|The key or one of the keyrings specified have been revoked.|
|EACCES||The key exists, but is not linkable by the calling process.|
|EACCES||The keyrings exist, but are not writable by the calling process.|
|ENOMEM||Insufficient memory to effect the changes.|
|EDQUOT||Expanding to_keyring would exceed the keyring owner’s quota.|
This is a library function that can be found in libkeyutils. When linking, -lkeyutils should be specified to the linker.