On 16-03-21 05:20 PM, Joe Lauer wrote:
2) Are there any workarounds? Any magic kernel settings I can tune to
allow for more? Or can we actually mount a directory under a
different account than root so that a new keyring is used as opposed
for root.
You can increase the quota by writing to certain proc files. It is
documented in the kernel source: Documentation/security/keys.txt
quoting:
Four new sysctl files have been added also for the purpose of controlling the
quota limits on keys:
(*) /proc/sys/kernel/keys/root_maxkeys
/proc/sys/kernel/keys/root_maxbytes
These files hold the maximum number of keys that root may have and the
maximum total number of bytes of data that root may have stored in those
keys.
(*) /proc/sys/kernel/keys/maxkeys
/proc/sys/kernel/keys/maxbytes
These files hold the maximum number of keys that each non-root user may
have and the maximum total number of bytes of data that each of those
users may have stored in their keys.
Root may alter these by writing each new limit as a decimal number string to
the appropriate file.
-James M
--
To unsubscribe from this list: send the line "unsubscribe ecryptfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
