privileges.5 (2011 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

privileges(5) privileges(5)

sgid bits, provided that the process is allowed to change the ownership of the ﬁle.

PRIV_OWNER (OWNER)

Allows a process to override all restrictions with respect to UID matching the owner of the ﬁle

or resource. See Discretionary Restrictions for more information.

PRIV_PSET (PSET)

Allows change to the system pset conﬁguration (see pset_create (2)).

PRIV_PTYOPS (PTYOPS)

Allows the process to do administrative operations that are pseduo terminal speciﬁc.

This privilege is valid only when the HP-UX ContainmentPlus product (version B.11.31.02 or

later) is installed on the system.

PRIV_RDEVOPS (RDEVOPS)

Allows the process to do device administrative operations that are non-pseudo terminal

speciﬁc.

This privilege is valid only when the HP-UX ContainmentPlus product (version B.11.31.02 or

later) is installed on the system.

PRIV_REBOOT (REBOOT)

Allows a process to perform reboot operations.

PRIV_RTPRIO (RTPRIO)

Allows access to the rtprio() system call (see rtprio (2)).

PRIV_RTPSET (RTPSET)

Allows a process to control RTE psets (see __pset_rtctl (2)).

PRIV_RTSCHED (RTSCHED)

Allows access to the sched_setparam()

and sched_setscheduler() to set POSIX.4

real-time priorities (see rtsched (2)).

PRIV_RULESCONFIG (RULESCONFIG)

Allows a process to add and modify compartment rules on the system. (See compartments (5)

and cmpt_tune (1M) to determine if this extended feature is enabled.)

PRIV_SELFAUDIT (SELFAUDIT)

Allows a process to generate auditing records for itself using the audwrite() system call

(see audwrite (2)).

PRIV_SWAPCTL (SWAPCTL)

Allows a process to manage swap space using the swapctl() system call (see swapctl (2)).

This privilege is valid only when the HP-UX ContainmentPlus product (version B.11.31.02 or

later) is installed on the system.

PRIV_SERIALIZE (SERIALIZE)

Permits the use of serialize() for forcing the target process to run serially with other

processes that are also marked by this system call (see serialize (2)).

PRIV_SESSION (SESSION)

Permits creation of a new session (see setsid (2)), and setpgrp (2)).

PRIV_SPUCTL

Permits certain administrative operations in the Instant Capacity product for deactivation and

reactivation of processors. See the Instant Capacity documentation for more information.

PRIV_SYSATTR (SYSATTR)

Enables a process to manage system attributes including the setting of tunables, and modify-

ing the host name, domain name, and user quotas.

If the HP-UX ContainmentPlus product (version B.11.31.02 or later) is installed on the system,

PRIV_SYSATTR becomes a compound privilege, which includes

PRIV_CORESYSATTR and

PRIV_HOSTATTR.

PRIV_SYSNFS (SYSNFS)

Allows a process to perform NFS operations like exporting a ﬁle system, the getfh() system

call (see getfh (2)), NFS ﬁle locking, revoking NFS authentication, and creating an NFS kernel

daemon thread.

HP-UX 11i Version 3: September 2011 − 5 − Hewlett-Packard Company 5