Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

getprivgrp(2)

privgrp(4)

NAME

privgrp − format of privileged values

SYNOPSIS

#include <sys/privgrp.h>

DESCRIPTION

setprivgrp() sets a mask of privileges, and getprivgrp() returns an array of structures giving privileged group assignments on a per-group- ID basis (see setprivgrp(2) and getprivgrp(2)). <privgrp.h> contains the constants and structures needed to deal with these system calls, and contains:

/*
* Privileged group definitions --
* the numeric values may vary between implementations.
*/
#define PRIV_RTPRIO             1
#define PRIV_MLOCK              2
#define PRIV_CHOWN              3
#define PRIV_LOCKRDONLY         4
#define PRIV_SETRUGID           5
/* Maximum number of privileged groups in system */
#define PRIV_MAXGRPS           32
/*
 .C "* Size of the privilege mask,"
 .C "* based on largest numbered privilege"
 .C "*/"
#define PRIV_MASKSIZ            1
/*
* Structure defining the privilege mask
*/
struct privgrp_map {
    int            priv_groupno;
    unsigned int   priv_mask[PRIV_MASKSIZ];
};

Privileges are as follows:

PRIV_RTPRIO Allows access to the rtprio() system call (see rtprio(2)).

PRIV_MLOCK Allows access to the plock() system call (see plock(2)).

PRIV_CHOWN Allows access to the chown() system calls (see chown(2)).

PRIV_LOCKRDONLY Permits the use of the lockf() system call for setting locks on files open for reading only (see lockf(2)).

PRIV_SETRUGID Permits the use of the setuid() and setgid() system calls for changing respectively the real user ID and real group ID of a process (see setuid(2) and setgid(2)).

Privileges are described in a multi-word mask.  The value of the #define for each privilege is interpreted as a bit index (counting from 1).  Thus a group-id can have several different privileges associated with it by having different bits OR ed into the mask. 

The system is configured with a specified maximum number of groups with special privileges.  PRIV_MAXGRPS defines this maximum.  Of this maximum, one is reserved for global privileges (granted to all processes), and the remainder can be assigned to actual group-ids. 

PRIV_MASKSIZ defines the size of the multi-word mask used in defining privileges associated with a group- ID. 

Privileges are returned to the user from the getprivgrp() system call in an array of structures of type struct privgrp_map.  The structure associates a multi-word mask with a group- ID. 

SEE ALSO

getprivgrp(2). 

Hewlett-Packard Company  —  HP-UX Release 9.0: August 1992

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026