# phpman > man > SESSION-KEYRING(7)

[SESSION-KEYRING(7)](https://www.chedong.com/phpMan.php/man/SESSION-KEYRING/7/markdown)                    Linux Programmer's Manual                   [SESSION-KEYRING(7)](https://www.chedong.com/phpMan.php/man/SESSION-KEYRING/7/markdown)



## NAME
       session-keyring - session shared process keyring

## DESCRIPTION
       The session keyring is a keyring used to anchor keys on behalf of a process.  It is typically
       created by **pam**___**[keyinit**(8)](https://www.chedong.com/phpMan.php/man/keyinit/8/markdown) when a user logs in and a link will be added  that  refers  to  the
       [**user-keyring**(7)](https://www.chedong.com/phpMan.php/man/user-keyring/7/markdown).  Optionally, PAM may revoke the session keyring on logout.  (In typical con‐
       figurations, PAM does do this revocation.)  The session keyring has  the  name  (description)
       __ses_.

       A  special serial number value, **KEY**___**SPEC**___**SESSION**___**KEYRING**, is defined that can be used in lieu
       of the actual serial number of the calling process's session keyring.

       From the [**keyctl**(1)](https://www.chedong.com/phpMan.php/man/keyctl/1/markdown) utility, '**@s**' can be used instead of a numeric key ID  in  much  the  same
       way.

       A process's session keyring is inherited across [**clone**(2)](https://www.chedong.com/phpMan.php/man/clone/2/markdown), [**fork**(2)](https://www.chedong.com/phpMan.php/man/fork/2/markdown), and [**vfork**(2)](https://www.chedong.com/phpMan.php/man/vfork/2/markdown).  The session
       keyring is preserved across [**execve**(2)](https://www.chedong.com/phpMan.php/man/execve/2/markdown), even when the executable is set-user-ID or  set-group-
       ID  or  has capabilities.  The session keyring is destroyed when the last process that refers
       to it exits.

       If a process doesn't have a session keyring when it is accessed, then, under certain  circum‐
       stances, the [**user-session-keyring**(7)](https://www.chedong.com/phpMan.php/man/user-session-keyring/7/markdown) will be attached as the session keyring and under others
       a new session keyring will be created.  (See [**user-session-keyring**(7)](https://www.chedong.com/phpMan.php/man/user-session-keyring/7/markdown) for further details.)

### Special operations
       The _keyutils_ library provides the  following  special  operations  for  manipulating  session
       keyrings:

       **keyctl**___**join**___**session**___**[keyring**(3)](https://www.chedong.com/phpMan.php/man/keyring/3/markdown)
              This  operation allows the caller to change the session keyring that it subscribes to.
              The caller can join an existing keyring with a specified name (description), create  a
              new  keyring  with a given name, or ask the kernel to create a new "anonymous" session
              keyring with the name "_ses".   (This  function  is  an  interface  to  the  [**keyctl**(2)](https://www.chedong.com/phpMan.php/man/keyctl/2/markdown)
              **KEYCTL**___**JOIN**___**SESSION**___**KEYRING** operation.)

       **keyctl**___**session**___**to**___**[parent**(3)](https://www.chedong.com/phpMan.php/man/parent/3/markdown)
              This  operation  allows the caller to make the parent process's session keyring to the
              same as its own.  For this to succeed, the parent process must have identical security
              attributes  and  must  be  single  threaded.   (This  function  is an interface to the
              [**keyctl**(2)](https://www.chedong.com/phpMan.php/man/keyctl/2/markdown) **KEYCTL**___**SESSION**___**TO**___**PARENT** operation.)

       These operations are also exposed through the [**keyctl**(1)](https://www.chedong.com/phpMan.php/man/keyctl/1/markdown) utility as:

           keyctl session
           keyctl session - [<prog> <arg1> <arg2> ...]
           keyctl session <name> [<prog> <arg1> <arg2> ...]

       and:

           keyctl new_session

## SEE ALSO
       [**keyctl**(1)](https://www.chedong.com/phpMan.php/man/keyctl/1/markdown), [**keyctl**(3)](https://www.chedong.com/phpMan.php/man/keyctl/3/markdown), **keyctl**___**join**___**session**___**[keyring**(3)](https://www.chedong.com/phpMan.php/man/keyring/3/markdown), **keyctl**___**session**___**to**___**[parent**(3)](https://www.chedong.com/phpMan.php/man/parent/3/markdown),
       [**keyrings**(7)](https://www.chedong.com/phpMan.php/man/keyrings/7/markdown), [**persistent-keyring**(7)](https://www.chedong.com/phpMan.php/man/persistent-keyring/7/markdown), [**process-keyring**(7)](https://www.chedong.com/phpMan.php/man/process-keyring/7/markdown), [**thread-keyring**(7)](https://www.chedong.com/phpMan.php/man/thread-keyring/7/markdown), [**user-keyring**(7)](https://www.chedong.com/phpMan.php/man/user-keyring/7/markdown),
       [**user-session-keyring**(7)](https://www.chedong.com/phpMan.php/man/user-session-keyring/7/markdown), **pam**___**[keyinit**(8)](https://www.chedong.com/phpMan.php/man/keyinit/8/markdown)

## COLOPHON
       This page is part of release 5.10 of the Linux _man-pages_ project.  A description of the
       project, information about reporting bugs, and the latest version of this page, can be found
       at <https://www.kernel.org/doc/man-pages/>.



Linux                                        2020-08-13                           [SESSION-KEYRING(7)](https://www.chedong.com/phpMan.php/man/SESSION-KEYRING/7/markdown)