HPlogo HP-UX Reference Volume 3 of 5 > p

privgrp(4)
» 

Technical documentation

Complete book in PDF

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

NAME

privgrp — format of privileged values

SYNOPSIS

#include <sys/privgrp.h>

DESCRIPTION

setprivgrp() sets a mask of privileges, and getprivgrp() returns an array of structures giving privileged group assignments on a per-group-ID basis (see getprivgrp(2)). <privgrp.h> contains the constants and structures needed to deal with these system calls, and contains:

/* * Privileged group definitions -- * the numeric values may vary between implementations. */ #define PRIV_RTPRIO 1 #define PRIV_MLOCK 2 #define PRIV_CHOWN 3 #define PRIV_LOCKRDONLY 4 #define PRIV_SETRUGID 5 /* Maximum number of privileged groups in system */ #define PRIV_MAXGRPS 32 /* * Size of the privilege mask, * based on largest numbered privilege */ #define PRIV_MASKSIZ 1 /* * Structure defining the privilege mask */ struct privgrp_map { int priv_groupno; unsigned int priv_mask[PRIV_MASKSIZ]; };

Privileges are as follows:

PRIV_RTPRIO

Allows access to the rtprio() system call (see rtprio(2)).

PRIV_MLOCK

Allows access to the plock() system call (see plock(2)).

PRIV_CHOWN

Allows access to the chown() system calls (see chown(2)).

PRIV_LOCKRDONLY

Permits the use of the lockf() system call for setting locks on files open for reading only (see lockf(2)).

PRIV_SETRUGID

Permits the use of the setuid() and setgid() system calls for changing respectively the real user ID and real group ID of a process (see setuid(2)).

Privileges are described in a multi-word mask. The value of the #define for each privilege is interpreted as a bit index (counting from 1). Thus a group-id can have several different privileges associated with it by having different bits ORed into the mask.

The system is configured with a specified maximum number of groups with special privileges. PRIV_MAXGRPS defines this maximum. Of this maximum, one is reserved for global privileges (granted to all processes), and the remainder can be assigned to actual group-ids.

PRIV_MASKSIZ defines the size of the multi-word mask used in defining privileges associated with a group-ID.

Privileges are returned to the user from the getprivgrp() system call in an array of structures of type struct privgrp_map. The structure associates a multi-word mask with a group-ID.

SEE ALSO

getprivgrp(2).



ppp.Systems
  		 


profile  
© Hewlett-Packard Development Company, L.P.