Basic management of keys in the Linux kernel keyring in Python. Also comes with a small gui.
This is a small library to make use of some functions of the kernel keyring in Python. You can read, add and delete keys.
It simply uses the keyctl command (invoking it via subprocess), so this util must be installed.
Available functions:
- list (list all keys in keyring)
- describe (retrieve key name/description)
- read/pipe/print (retrieve key content)
- update (modify key content)
- add (add key)
- revoke/unlink (delete key)
- search/request (search for a key by name)
- clear (remove all keys from keyring)
There are many more functions with keys in the kernel keyring (e.g. permissions) that is needed for proper keymanagement. But for my usecase I just needed the given simple functionality.
$ keyctl link @u @s
Python 3.9
$ sudo apt install python3.9
$ python --version
Python 3.9.18
pip
$ sudo apt install python3-pip
$ pip --version
pip 23.3.2 from .... (python 3.9)
The 'keyctl' command
$ sudo apt install keyutils
$ dpkg -s keyutils | grep Version
Version: 1.6.1
If you want to use the GUI, you also need PySide6
$ pip install pyside6
$ python3 -c "import PySide6; print(PySide6.__version__)"
6.6.1
$ pip install keyctl
Ready to use.
Get all keys:
from keyctl import Key
keylist = Key.list()
for mykey in keylist:
print(mykey.id)
Read existing key:
from keyctl import Key
mykey = Key(123)
print(mykey.name)
print(mykey.data)
print(mykey.data_hex)
Find key by name:
from keyctl import Key
mykey = Key.search('test key')
print(mykey.id)
Add key:
from keyctl import Key
mykey = Key.add('test key', 'test content')
print(mykey.id)
Delete key:
from keyctl import Key
mykey = Key(123)
mykey.delete()
Update key:
from keyctl import Key
mykey = Key(123)
mykey.update('new content')
To open the GUI, run the installed command.
$ keyctlgui
If you run the integrated tests, your user keyring will be cleared. Don't do this when you have active keys e.g. for encryption.
Similar projects you might want to check out:
- https://github.com/sassoftware/python-keyutils (more complete, available in debian repo)
- https://github.com/jdukes/pykeyctl (more complete, direct library wrapper)
GPL-3.0
see LICENSE file