1getpflags(2) System Calls getpflags(2)
2
6 getpflags, setpflags - get or set process flags
7
9 #include <sys/types.h>
10 #include <priv.h>
11 uint_t getpflags(uint_t flag);
13 int setpflags(uint_t flag, uint_t value);
16
19 The getpflags() and setpflags() functions obtain and modify the current
20 per-process flags.
21 The following values for flag are supported:
24 PRIV_AWARE
26 This one bit flag takes the value of 0 (unset) or 1 (set). Only if
28 this flag is set is the current process privilege-aware. A process
29 can attempt to unset this flag but might fail silently if the
30 observed set invariance condition cannot be met. Setting this flag
31 is always successful. See privileges(5) for a discussion of this
32 flag.
33 PRIV_AWARE_RESET
36 This one bit flag takes the value of 0 (unset) or 1 (set). This
38 causes a process to pretend it is non- privilege aware. The effec‐
39 tive and permitted privilege set change on the change of the effec‐
40 tive uid. When all the uid sets become the same through setuid(uid)
41 or through setreuid(uid, uid), the effective and permitted set are
42 set to the intersection between the limit set and the inheritable
43 set. At that point, both PRIV_AWARE and PRIV_AWARE_RESET are unset.
44 This flag gets automatically reset when a file becomes privilege
46 aware, either through calling setppriv(2) or by setting PRIV_AWARE
47 to 1.
48 PRIV_DEBUG
51 This one bit flag takes the value of 0 (unset) or 1 (set). Only if
53 this flag is set does the current process have privilege debugging
54 enabled. Processes can set and unset this flag at will.
55 NET_MAC_AWARE
58 NET_MAC_AWARE_INHERIT
59 These flags are available only if the system is configured with
61 Trusted Extensions. These one bit flags each take the value of 0
62 (unset) or 1 (set). If the NET_MAC_AWARE flag is set then the cur‐
63 rent process is allowed to communicate with peers at labels that
64 are different than its own, subject to MAC policy.
65 The NET_MAC_AWARE_INHERIT flag controls the propagation of the
67 NET_MAC_AWARE flag. When a process performs one of the exec(2)
68 functions, the NET_MAC_AWARE flag is unset unless the
69 NET_MAC_AWARE_INHERIT is set. NET_MAC_AWARE_INHERIT is always unset
70 on one of the exec functions. The PRIV_NET_MAC_AWARE privilege is
71 required to set either of these flags.
72
75 The getpflags() returns the value associated with a given per-process
76 flag. If the flag argument is invalid, (uint_t)-1 is returned and errno
77 is set to indicate the error.
78 Upon successful completion, setpflags() returns 0. Otherwise, -1 is
81 returned and errno is set to indicate the error.
82
84 The getpflags() and setpflags() functions will fail if:
85 EINVAL The value of flag or the value to which the flag is set is
87 out of range.
88 The setpflags() function will fail if:
92 EPERM An attempt was made to unset PRIV_AWARE but the observed set
94 invariance condition was not met.
95
98 See attributes(5) for descriptions of the following attributes:
99 ┌─────────────────────────────┬─────────────────────────────┐
104 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
105 ├─────────────────────────────┼─────────────────────────────┤
106 │Interface Stability │Committed │
107 ├─────────────────────────────┼─────────────────────────────┤
108 │MT-Level │Async-Signal-Safe │
109 └─────────────────────────────┴─────────────────────────────┘
110
112 ppriv(1), setppriv(2), attributes(5), privileges(5)
113SunOS 5.11 4 Jun 2009 getpflags(2)