recursive_key_scan, recursive_session_key_scan — apply a function to all keys in a keyring tree


#include <keyutils.h>

typedef int (*recursive_key_scanner_t)(key_serial_t parent,
    key_serial_t key, char *desc, int desc_len, void *data);

long recursive_key_scan(key_serial_t keyring,
    recursive_key_scanner_t func, void *data);
long recursive_session_key_scan(recursive_key_scanner_t func,
    void *data);


recursive_key_scan() performs a depth-first recursive scan of the specified keyring tree and applies func to every link found in the accessible keyrings in that tree. data is passed to each invocation of func.

The return values of func are summed and returned as the overall return value.  Errors are ignored. Inaccessible keyrings are not scanned, but links to them are still passed to func.

recursive_session_key_scan() works exactly like recursive_key_scan() with the caller's session keyring specified as the starting keyring.

The callback function is called for each link found in all the keyrings in the nominated tree and so may be called multiple times for a particular key if that key has multiple links to it.

The callback function is passed the following parameters:


The keyring containing the link or 0 for the initial key.


The key to which the link points.

desc and desc_len

A pointer to the raw description and its length as retrieved with keyctl_describe_alloc(). These will be NULL and -1 respectively if the description couldn't be retrieved and errno will retain the error from keyctl_describe_alloc().


The data passed to the scanner function.

Return Value

These functions return the sum of the results of the callback functions they invoke.




When linking, -lkeyutils should be specified to the linker.

See Also

keyctl(3), keyctl_describe_alloc(3), keyrings(7)

Referenced By

keyctl(2), keyctl(3).

The man page recursive_session_key_scan(3) is an alias of recursive_key_scan(3).

10 Mar 2011 Linux Key Utility Calls