Content-type: text/html Man page of getppriv

getppriv

Section: System Calls (2)
Updated: 10 Sep 2004
Index Return to Main Contents
 

NAME

getppriv, setppriv - get or set a privilege set  

SYNOPSIS

#include <priv.h>

int getppriv(priv_ptype_t which, priv_set_t *set);

int setppriv(priv_op_t op, priv_ptype_t which, priv_set_t *set);  

DESCRIPTION

The getppriv() function returns the process privilege set specified by which in the set pointed to by set. The memory for set is allocated with priv_allocset() and freed with priv_freeset(). Both functions are documented on the priv_addset(3C) manual page.

The setppriv() function sets or changes the process privilege set. The op argument specifies the operation and can be one of PRIV_OFF, PRIV_ON or PRIV_SET. The which argument specifies the name of the privilege set. The set argument specifies the set.

If op is PRIV_OFF, the privileges in set are removed from the process privilege set specified by which. There are no restrictions on removing privileges from process privileges sets, but the following apply:

• Privileges removed from PRIV_PERMITTED are silently removed from PRIV_EFFECTIVE.

• If privileges are removed from PRIV_LIMIT, they are not removed from the other sets until one of exec(2) functions has successfully completed.

If op is PRIV_ON, the privileges in set are added to the process privilege set specified by which. The following operations are permitted:

• Privileges in PRIV_PERMITTED can be added to PRIV_EFFECTIVE without restriction.

• Privileges in PRIV_PERMITTED can be added to PRIV_INHERITABLE without restriction.

• All operations that attempt to add privileges that are already present are permitted.

If op is PRIV_SET, the privileges in set replace completely the process privilege set specified by which. PRIV_SET is implemented in terms of PRIV_OFF and PRIV_ON. The same restrictions apply.  

RETURN VALUES

Upon successful completion, 0 is returned. Otherwise, -1 is returned and errno is set to indicate the error.  

ERRORS

The getppriv() and setppriv() functions will fail if:

EINVAL The value of op or which is out of range.

EFAULT The set argument points to an illegal address.

The setppriv() function will fail if:

EPERM The application attempted to add privileges to PRIV_LIMIT or PRIV_PERMITTED, or the application attempted to add privileges to PRIV_INHERITABLE or PRIV_EFFECTIVE which were not in PRIV_PERMITTED.

 

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Interface StabilityEvolving
MT-LevelMT-Safe

 

SEE ALSO

priv_addset(3C), attributes(5), privileges(5)


 

Index

NAME
SYNOPSIS
DESCRIPTION
RETURN VALUES
ERRORS
ATTRIBUTES
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 02:37:16 GMT, October 02, 2010