unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Page:
Section:
Apropos / Subsearch:
optional field



 privgrp(4)							  privgrp(4)




 NAME
      privgrp - format of privileged values

 SYNOPSIS
      #include <&lt&lt&lt;sys/privgrp.h>&gt&gt&gt;

 DESCRIPTION
      setprivgrp() sets a mask of privileges, and getprivgrp() returns an
      array of structures giving privileged group assignments on a per-
      group-ID basis (see getprivgrp(2)).  <privgrp.h> contains the
      constants and structures needed to deal with these system calls, and
      contains:

	   /*
	    * Privileged group definitions --
	    * the numeric values may vary between implementations.
	    */
	   #define PRIV_RTPRIO		   1
	   #define PRIV_MLOCK		   2
	   #define PRIV_CHOWN		   3
	   #define PRIV_LOCKRDONLY	   4
	   #define PRIV_SETRUGID	   5

	   /* Maximum number of privileged groups in system */
	   #define PRIV_MAXGRPS		  32

	   /*
	    * Size of the privilege mask,
	    * based on largest numbered privilege
	    */
	   #define PRIV_MASKSIZ		   1

	   /*
	    * Structure defining the privilege mask
	    */
	   struct privgrp_map {
	       int	      priv_groupno;
	       unsigned int   priv_mask[PRIV_MASKSIZ];
	   };

      Privileges are as follows:

	   PRIV_RTPRIO		    Allows access to the rtprio() system
				    call (see rtprio(2)).
	   PRIV_MLOCK		    Allows access to the plock() system call
				    (see plock(2)).
	   PRIV_CHOWN		    Allows access to the chown() system
				    calls (see chown(2)).
	   PRIV_LOCKRDONLY	    Permits the use of the lockf() system
				    call for setting locks on files open for
				    reading only (see lockf(2)).



 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000






 privgrp(4)							  privgrp(4)




	   PRIV_SETRUGID	    Permits the use of the setuid() and
				    setgid() system calls for changing
				    respectively the real user ID and real
				    group ID of a process (see setuid(2)).

      Privileges are described in a multi-word mask.  The value of the
      #define for each privilege is interpreted as a bit index (counting
      from 1).	Thus a group-id can have several different privileges
      associated with it by having different bits ORed into the mask.

      The system is configured with a specified maximum number of groups
      with special privileges.	PRIV_MAXGRPS defines this maximum.  Of this
      maximum, one is reserved for global privileges (granted to all
      processes), and the remainder can be assigned to actual group-ids.

      PRIV_MASKSIZ defines the size of the multi-word mask used in defining
      privileges associated with a group-ID.

      Privileges are returned to the user from the getprivgrp() system call
      in an array of structures of type struct privgrp_map.  The structure
      associates a multi-word mask with a group-ID.

 SEE ALSO
      getprivgrp(2).






























 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000