ppriv(1)                         User Commands                        ppriv(1)



NAME
       ppriv - inspect or modify process privilege sets and attributes

SYNOPSIS
       /usr/bin/ppriv -e [-D | -N]  [-s spec] command [arg...]

       /usr/bin/ppriv [-v] [-S] [-D | -N]  [-s spec]  [pid | core] ...

       /usr/bin/ppriv -l [-v] [privilege-specification...]

DESCRIPTION
       The  first  invocation  of the ppriv command runs the command specified
       with the privilege sets and flags modified according to  the  arguments
       on the command line.

       The second invocation examines or changes the privilege state of
       running processes and core files.

       The third invocation lists the privileges defined and information about
       specified privileges or privileges set specifications.

OPTIONS
       The following options are supported:

       -D       Turns on privilege debugging for the processes or command
                supplied.



       -e       Interprets the remainder of the arguments as  a  command  line
                and  runs the command line with specified privilege attributes
                and sets.



       -l       Lists all currently defined privileges on stdout.



       -N       Turns off privilege debugging for  the  processes  or  command
                supplied.



       -s spec  Modifies a process's privilege sets according to spec, a
                specification with the format [AEILP][+-=]privsetspec,
                containing no spaces, where:


                AEILP           One or more letters indicating which privilege
                                sets to change. These are case insensitive;
                                for example, either a or A indicates all
                                privilege sets.




                +-=             Indicates a modifier to respectively add  (+),
                                remove  (-),  or  assign (=) the listed privi-
                                leges to the specified set(s) in privsetspec.



                privsetspec     Indicates  a  comma-separated  privilege   set
                                specification  (priv1,priv2,  and  so  on), as
                                described in priv_str_to_set(3C).


                Modifying the same set with multiple -s options is possible as
                long as there is either precisely one assignment to an
                individual set or any number of additions and removals. That
                is, assignment and addition or removal for one set are
                mutually exclusive.


       -S       Short. Reports the shortest possible output strings for  sets.
                The default is portable output. See priv_str_to_set(3C).



       -v       Verbose. Reports privilege sets using privilege names.



USAGE
       The  ppriv  utility  examines  processes  and  core files and prints or
       changes their privilege sets.

       ppriv can run commands with privilege debugging on or off or with fewer
       privileges than the invoking process.

       When executing a subprocess, the only sets that can be modified are L
       and I. Privileges can only be removed from L and I, as ppriv starts
       with P=E=I.
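       The -s spec grammar and the two restrictions just stated (one
       assignment or any number of additions/removals per set; with -e only L
       and I change, and only by removal) are small enough to model directly.
       The following Python is an added illustration, not part of this man
       page or of Solaris: it parses specs, applies them to a privilege state
       and rejects the combinations the text forbids. The expansion of basic
       to five privileges follows privileges(5) for Solaris 10 (this page
       names only proc_session), the small universe used for all is
       constructed, and the shell state is the one Example 1 below shows.

```python
import re

# Solaris 10's basic set as documented in privileges(5); this man page itself
# names only proc_session, so treat the list as an assumption of the model.
BASIC = {"file_link_any", "proc_exec", "proc_fork", "proc_info", "proc_session"}
# Constructed universe standing in for "all"; a real system defines many more.
ALL = BASIC | {"file_dac_read", "proc_owner", "sys_mount"}

SPEC_RE = re.compile(r"^([AEILPaeilp]+)([+\-=])(\S+)$")


def parse_spec(spec):
    """Split '[AEILP][+-=]privsetspec' into (target sets, operator, privilege tokens)."""
    m = SPEC_RE.match(spec)
    if not m:
        raise ValueError("malformed spec: %r" % spec)
    letters, op, privs = m.groups()
    sets = set()
    for ch in letters.upper():          # set letters are case-insensitive
        sets.update("EILP" if ch == "A" else ch)
    return sets, op, privs.split(",")


def expand(tokens):
    """Expand keywords and '!priv' negations the way priv_str_to_set(3C) reads them."""
    result = set()
    for tok in tokens:
        if tok == "none":
            continue
        if tok == "all":
            result |= ALL
        elif tok == "basic":
            result |= BASIC
        elif tok.startswith("!"):
            result.discard(tok[1:])
        elif tok in ALL:
            result.add(tok)
        else:
            raise ValueError("unknown privilege: %r" % tok)
    return result


def apply_specs(state, specs, exec_mode=False):
    """Apply -s specs to {'E','I','P','L'} -> set(privs) and return the new state.

    Enforces the man page's rules: per set, exactly one '=' or any number of
    '+'/'-', never both; with -e (exec_mode) only L and I may change, and only
    by removing privileges, since ppriv starts the child with P=E=I.
    """
    state = {k: set(v) for k, v in state.items()}
    assigned, modified = {}, set()
    for spec in specs:
        sets, op, tokens = parse_spec(spec)
        delta = expand(tokens)
        for s in sorted(sets):
            if op == "=":
                assigned[s] = assigned.get(s, 0) + 1
            else:
                modified.add(s)
            if assigned.get(s, 0) > 1 or (s in assigned and s in modified):
                raise ValueError("set %s: assignment mixed with add/remove" % s)
            if op == "+":
                new = state[s] | delta
            elif op == "-":
                new = state[s] - delta
            else:
                new = set(delta)
            if exec_mode and (s not in "LI" or not new <= state[s]):
                raise ValueError("-e: only L and I may change, and only by removal")
            state[s] = new
    return state


def format_set(privs):
    """Approximate ppriv's portable output ('basic,!proc_session') for a set."""
    if privs == ALL:
        return "all"
    if not privs:
        return "none"
    if not privs & BASIC:
        return ",".join(sorted(privs))
    parts = ["basic"] + sorted(privs - BASIC) + ["!" + p for p in sorted(BASIC - privs)]
    return ",".join(parts)


def rejected(state, specs, exec_mode=False):
    """True if apply_specs refuses the spec list."""
    try:
        apply_specs(state, specs, exec_mode)
        return False
    except ValueError:
        return True


# Constructed: the state Example 1 of the man page shows for a login shell.
SHELL = {"E": set(BASIC), "I": set(BASIC), "P": set(BASIC), "L": set(ALL)}

if __name__ == "__main__":
    new = apply_specs(SHELL, ["EI-proc_session"])   # the spec from Example 2
    for s in "EIPL":
        print("%s: %s" % (s, format_set(new[s])))
```

       Running the block applies Example 2's spec and prints the state that
       example shows (E and I as basic,!proc_session, P still basic, L all);
       apply_specs with exec_mode=True models what ppriv -e will accept.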

       ppriv can also be used to remove privileges from processes or to convey
       privileges to other processes. In order to control a process, the
       effective set of the ppriv utility must be a superset of the
       controlled process's E, I, and P. The utility's limit set must be a
       superset of the target's limit set. If the target's process uids do not
       match, the {PRIV_PROC_OWNER} privilege must be asserted in the
       utility's effective set. If the controlled processes have any uid with
       the value 0, more restrictions may exist. See privileges(5).

EXAMPLES
       Example 1: Obtaining the process privileges of the current shell

       example$ ppriv $$
       387:   -sh
       flags = <none>
                E: basic
                I: basic
                P: basic
                L: all

       Example 2: Removing a  privilege  from  your  shell's  Inheritable  and
       Effective set

       example$ ppriv -s EI-proc_session $$

       Note:  The  subprocess can still inspect the parent shell but it can no
       longer influence the parent because the parent has more  privileges  in
       its Permitted set than the ppriv child process:

       example$ truss -p $$
       truss: permission denied: 387

       example$ ppriv $$
       387:   -sh
       flags = <none>
                E: basic,!proc_session
                I: basic,!proc_session
                P: basic
                L: all

       Example 3: Running a process with privilege debugging

       example$ ppriv -e -D cat /etc/shadow
       cat[418]: missing privilege "file_dac_read" (euid = 21782),
                           needed at ufs_access+0x3c
       cat: cannot open /etc/shadow

       Note: The privilege debugging error messages are sent to the
       controlling terminal of the current process. The "needed at" address
       specification is an artifact of the kernel implementation and it can
       be changed at any time after a software update.

       The  system  call  number  can  be  mapped  to  a  system  call   using
       /etc/name_to_sysnum.
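       Privilege debugging output is the usual raw material for working out
       the smallest privilege set a command actually needs. The Python below
       is an added example, not part of this man page or of Solaris: it
       re-joins the wrapped messages, extracts command, pid, privilege, euid
       and the "needed at" location, and aggregates the missing privileges per
       command into a -s spec a suitably privileged controller could apply.
       The optional "syscall = N" field and the name_to_sysnum lookup are an
       assumption about the message shape (the page's own example carries no
       number), and both sample inputs are constructed.

```python
import re
from collections import defaultdict

# Shape of a ppriv -D message as printed in Example 3. The optional
# "syscall = N" field is an assumption, added so that the /etc/name_to_sysnum
# mapping the text mentions can be exercised; the page's example lacks it.
DEBUG_RE = re.compile(
    r'^(?P<cmd>\S+)\[(?P<pid>\d+)\]: missing privilege "(?P<priv>[^"]+)" '
    r'\(euid = (?P<euid>\d+)(?:, syscall = (?P<sysnum>\d+))?\),? '
    r'needed at (?P<where>\S+)$'
)


def join_continuations(text):
    """Re-join messages that the terminal wrapped onto an indented second line."""
    records = []
    for line in text.splitlines():
        if line[:1].isspace() and records:
            records[-1] += " " + line.strip()
        elif line.strip():
            records.append(line.rstrip())
    return records


def parse_name_to_sysnum(text):
    """Parse '/etc/name_to_sysnum'-style 'name number' lines ('#' starts a comment).
    The file format is assumed from its name; the excerpt below is constructed."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            name, num = line.split()
            table[int(num)] = name
    return table


def parse_debug(text, sysnums=None):
    """Turn ppriv -D output into dicts; lines that are not debug messages
    (for example the command's own 'cat: cannot open ...') are skipped."""
    out = []
    for rec in join_continuations(text):
        m = DEBUG_RE.match(rec)
        if not m:
            continue
        d = m.groupdict()
        d["pid"], d["euid"] = int(d["pid"]), int(d["euid"])
        d["syscall"] = None
        if d["sysnum"] is not None:
            d["sysnum"] = int(d["sysnum"])
            d["syscall"] = (sysnums or {}).get(d["sysnum"])
        out.append(d)
    return out


def privileges_needed(records):
    """Collect, per command, the privileges whose absence -D reported."""
    by_cmd = defaultdict(set)
    for r in records:
        by_cmd[r["cmd"]].add(r["priv"])
    return dict(by_cmd)


def spec_for(privs):
    """Render collected privileges as a -s spec adding them to E, I and P."""
    return "EIP+" + ",".join(sorted(privs))


# Constructed sample: Example 3's output plus one assumed line with a syscall
# number from a hypothetical command 'mytool'.
SAMPLE = """\
cat[418]: missing privilege "file_dac_read" (euid = 21782),
                   needed at ufs_access+0x3c
cat: cannot open /etc/shadow
mytool[512]: missing privilege "sys_mount" (euid = 21782, syscall = 5), needed at copen+0x1a
"""
# Constructed excerpt in the 'name number' layout assumed for /etc/name_to_sysnum.
SYSNUM = """\
# name  number
exit    1
read    3
open    5
"""

if __name__ == "__main__":
    recs = parse_debug(SAMPLE, parse_name_to_sysnum(SYSNUM))
    for cmd, privs in privileges_needed(recs).items():
        print("%s: %s" % (cmd, spec_for(privs)))
```

       Because the messages go to the controlling terminal rather than to the
       command's stderr, capture the whole session (for example with
       script(1)) and feed that text to parse_debug; the parser tolerates the
       command's own error lines being interleaved.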

       Example 4: Listing the privileges available in the current zone

       This  example  lists  the privileges available in the current zone (see
       zones(5)). When run in the global  zone,  all  defined  privileges  are
       listed.

       example$ ppriv -l zone
        ... listing of all privileges elided ...

EXIT STATUS
       The following exit values are returned:

       0               Successful operation.



       non-zero        An error has occurred.



FILES
       /proc/*                 Process files



       /etc/name_to_sysnum     system call name to number mapping



ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()     allbox;     cw(2.750000i)|    cw(2.750000i)    lw(2.750000i)|
       lw(2.750000i).   ATTRIBUTE  TYPEATTRIBUTE   VALUE   AvailabilitySUNWesu
       Interface StabilitySee below.


       The invocation is Evolving. The output is Unstable.

SEE ALSO
       gcore(1), truss(1), priv_str_to_set(3C), proc(4), attributes(5),
       privileges(5), zones(5)



SunOS 5.10                        4 Apr 2004                          ppriv(1)