setppriv(2) - osol9

1getppriv(2)                      System Calls                      getppriv(2)
2
3
4

NAME

6       getppriv, setppriv - get or set a privilege set
7

SYNOPSIS

9       #include <priv.h>
10
11       int getppriv(priv_ptype_t which, priv_set_t *set);
12
13
14       int setppriv(priv_op_t op, priv_ptype_t which, priv_set_t *set);
15
16

DESCRIPTION

18       The  getppriv() function returns the process privilege set specified by
19       which in the set pointed to by set. The memory  for  set  is  allocated
20       with  priv_allocset() and freed with priv_freeset(). Both functions are
21       documented on the priv_addset(3C) manual page.
22
23
24       The setppriv() function sets or changes the process privilege set.  The
25       op argument specifies the operation and can be one of PRIV_OFF, PRIV_ON
26       or PRIV_SET. The which argument specifies the  name  of  the  privilege
27       set. The set argument specifies the set.
28
29
30       If  op  is PRIV_OFF, the privileges in set are removed from the process
31       privilege set specified by which. There are no restrictions on removing
32       privileges from process privileges sets, but the following apply:
33
34           o      Privileges  removed from PRIV_PERMITTED are silently removed
35                  from PRIV_EFFECTIVE.
36
37           o      If privileges are removed  from  PRIV_LIMIT,  they  are  not
38                  removed  from  the other sets until one of exec(2) functions
39                  has successfully completed.
40
41
42       If op is PRIV_ON, the privileges in set are added to the process privi‐
43       lege set specified by which.  The following operations are permitted:
44
45           o      Privileges  in PRIV_PERMITTED can be added to PRIV_EFFECTIVE
46                  without restriction.
47
48           o      Privileges in PRIV_PERMITTED can be added to  PRIV_INHERITA‐
49                  BLE without restriction.
50
51           o      All  operations  that  attempt  to  add  privileges that are
52                  already present are permitted.
53
54
55       If op is PRIV_SET, the privileges in set replace completely the process
56       privilege  set  specified by which. PRIV_SET is implemented in terms of
57       PRIV_OFF and PRIV_ON. The same restrictions apply.
58

RETURN VALUES

60       Upon successful completion, 0 is returned. Otherwise, -1   is  returned
61       and errno is set to indicate the error.
62

ERRORS

64       The getppriv() and setppriv() functions will fail if:
65
66       EINVAL    The value of op or which is out of range.
67
68
69       EFAULT    The set argument points to an illegal address.
70
71
72
73       The setppriv() function will fail if:
74
75       EPERM    The  application  attempted to add privileges to PRIV_LIMIT or
76                PRIV_PERMITTED, or the application attempted to add privileges
77                to  PRIV_INHERITABLE  or  PRIV_EFFECTIVE  which  were  not  in
78                PRIV_PERMITTED.
79
80

ATTRIBUTES

82       See attributes(5) for descriptions of the following attributes:
83
84
85
86
87       ┌─────────────────────────────┬─────────────────────────────┐
88       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
89       ├─────────────────────────────┼─────────────────────────────┤
90       │Interface Stability          │Evolving                     │
91       ├─────────────────────────────┼─────────────────────────────┤
92       │MT-Level                     │MT-Safe                      │
93       └─────────────────────────────┴─────────────────────────────┘
94

NAME

SYNOPSIS

DESCRIPTION

RETURN VALUES

ERRORS

ATTRIBUTES

SEE ALSO