Manualshelf

privgrp.5 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages
12
p
privgrp(5) privgrp(5)
NAME
privgrp - HP-UX group privileges
DESCRIPTION
HP-UX allows subletting of limited superuser-like privileges to all users or to members of a particular
group or groups. This capability is deprecated and only existing applications should use it. The newer
fine-grained privilege facilities described in privileges (5) should be used by new applications.
The
<sys/privgrp.h>
header defines the following symbolic privilege names:
PRIV_CHOWN,
PRIV_FSSTHREAD
, PRIV_LOCKRDONLY
, PRIV_MLOCK, PRIV_MPCTL, PRIV_PSET, PRIV_RTPRIO,
PRIV_RTSCHED, PRIV_SERIALIZE
, PRIV_SETRUGID
, and PRIV_SPUCTL.
All but one of the group privileges are supported as fine-grained privileges and described in privileges (5).
The one group privilege not supported as a fine-grained privilege is:
PRIV_SETRUGID
Permits the use of the
setuid() and setgid() system calls for changing
respectively the real user ID and real group ID of a process (see setuid (2)). This
behavior of
setuid() is deprecated and only legacy applications should use it.
Newer applications should use setresuid(geteuid(), -1, -1)
and
setresgid(getegid(), -1, -1)
, respectively, to achieve the same effect.
(No special privileges required.)
The
<sys/privgrp.h> header defines two additional symbolic constants:
PRIV_MAXGRPS
defines the maximum number of groups with special privileges. Of this maximum,
one is reserved for global privileges (granted to all processes) and the remainder
can be assigned to actual group IDs.
PRIV_MASKSIZ
defines the size of the multi-word mask used in defining privileges associated with a
group ID.
The
setprivgrp and getprivgrp commands and the setprivgrp() and getprivgrp() system
calls may be used to define and query the privilege group associations.
The group privileges are automatically initialized from the contents of
/etc/privgroup (see
privgrp (4)) at boot time.
WARNINGS
This mechanism is deprecated and only legacy applications should use it. See privileges (5) for a descrip-
tion of fine-grained privileges.
SEE ALSO
getprivgrp(1), setprivgrp(1M), chown(2), getprivgrp(2), lockf(2), mpctl(2), plock(2), pset_create(2),
rtprio(2), rtsched(2), serialize(2), setgid(2), setuid(2), shmctl(2), privgrp(4), privileges(5).
HP-UX 11i Version 3: September 2010 1 Hewlett-Packard Company 1

Summary of content (2 pages)