Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Apropos / Subsearch:
optional field

getppriv(2)                      System Calls                      getppriv(2)

       getppriv, setppriv - get or set a privilege set

       #include <&lt;priv.h>&gt;

       int getppriv(priv_ptype_t which, priv_set_t *set);

       int setppriv(priv_op_t op, priv_ptype_t which, priv_set_t *set);

       The  getppriv() function returns the process privilege set specified by
       which in the set pointed to by set. The memory  for  set  is  allocated
       with  priv_allocset() and freed with priv_freeset(). Both functions are
       documented on the priv_addset(3C) manual page.

       The setppriv() function sets or changes the process privilege set.  The
       op argument specifies the operation and can be one of PRIV_OFF, PRIV_ON
       or PRIV_SET. The which argument specifies the  name  of  the  privilege
       set. The set argument specifies the set.

       If  op  is PRIV_OFF, the privileges in set are removed from the process
       privilege set specified by which. There are no restrictions on removing
       privileges from process privileges sets, but the following apply:

         o  Privileges  removed  from PRIV_PERMITTED are silently removed from

         o  If privileges are removed from PRIV_LIMIT, they  are  not  removed
            from  the  other  sets until one of exec(2) functions has success-
            fully completed.

       If op is PRIV_ON, the privileges in set are added to the process privi-
       lege set specified by which.  The following operations are permitted:

         o  Privileges  in PRIV_PERMITTED can be added to PRIV_EFFECTIVE with-
            out restriction.

         o  Privileges in PRIV_PERMITTED  can  be  added  to  PRIV_INHERITABLE
            without restriction.

         o  All  operations  that  attempt  to add privileges that are already
            present are permitted.

       If op is PRIV_SET, the privileges in set replace completely the process
       privilege  set  specified by which. PRIV_SET is implemented in terms of
       PRIV_OFF and PRIV_ON. The same restrictions apply.

       Upon successful completion, 0 is returned. Otherwise, -1   is  returned
       and errno is set to indicate the error.

       The getppriv() and setppriv() functions will fail if:

       EINVAL          The value of op or which is out of range.

       EFAULT          The set argument points to an illegal address.

       The setppriv() function will fail if:

       EPERM           The   application   attempted   to  add  privileges  to
                       PRIV_LIMIT  or  PRIV_PERMITTED,  or   the   application
                       attempted  to  add  privileges  to  PRIV_INHERITABLE or
                       PRIV_EFFECTIVE which were not in PRIV_PERMITTED.

       See attributes(5) for descriptions of the following attributes:

       tab()    allbox;    cw(2.750000i)|     cw(2.750000i)     lw(2.750000i)|
       lw(2.750000i).  ATTRIBUTE TYPEATTRIBUTE VALUE Interface StabilityEvolv-
       ing MT-LevelMT-Safe

       priv_addset(3C), attributes(5), privileges(5)

SunOS 5.10                        10 Sep 2004                      getppriv(2)