HP-UX Reference (11i v1 00/12) - 4 File Formats (vol 8)
__________________________________________________________________________________________________________________________________________________________________________________________________
__________________________________________________________________________________________________________________________________________________________________________________________________
STANDARD Printed by: Nora Chuang [nchuang] STANDARD
/build/1111/BRICK/man4/!!!intro.4
________________________________________________________________
___ ___
p
privgrp(4) privgrp(4)
NAME
privgrp - format of privileged values
SYNOPSIS
#include <sys/privgrp.h>
DESCRIPTION
setprivgrp() sets a mask of privileges, and getprivgrp() returns an array of structures giving
privileged group assignments on a per-group-ID basis (see getprivgrp(2)). <privgrp.h> contains the con-
stants and structures needed to deal with these system calls, and contains:
/*
* Privileged group definitions --
* the numeric values may vary between implementations.
*/
#define PRIV_RTPRIO 1
#define PRIV_MLOCK 2
#define PRIV_CHOWN 3
#define PRIV_LOCKRDONLY 4
#define PRIV_SETRUGID 5
/* Maximum number of privileged groups in system */
#define PRIV_MAXGRPS 32
/*
* Size of the privilege mask,
* based on largest numbered privilege
*/
#define PRIV_MASKSIZ 1
/*
* Structure defining the privilege mask
*/
struct privgrp_map {
int priv_groupno;
unsigned int priv_mask[PRIV_MASKSIZ];
};
Privileges are as follows:
PRIV_RTPRIO Allows access to the rtprio() system call (see rtprio(2)).
PRIV_MLOCK Allows access to the plock() system call (see plock(2)).
PRIV_CHOWN Allows access to the chown() system calls (see chown(2)).
PRIV_LOCKRDONLY Permits the use of the
lockf() system call for setting locks on files open
for reading only (see lockf(2)).
PRIV_SETRUGID Permits the use of the setuid() and setgid() system calls for
changing respectively the real user ID and real group ID of a process (see
setuid(2)).
Privileges are described in a multi-word mask. The value of the
#define for each privilege is interpreted
as a bit index (counting from 1). Thus a group-id can have several different privileges associated with it by
having different bits
ORed into the mask.
The system is configured with a specified maximum number of groups with special privileges.
PRIV_MAXGRPS defines this maximum. Of this maximum, one is reserved for global privileges (granted
to all processes), and the remainder can be assigned to actual group-ids.
PRIV_MASKSIZ defines the size of the multi-word mask used in defining privileges associated with a
group-ID.
Privileges are returned to the user from the getprivgrp() system call in an array of structures of type
struct privgrp_map. The structure associates a multi-word mask with a group-ID.
SEE ALSO
getprivgrp(2).
HP-UX Release 11i: December 2000 − 1 − Section 4−−227
___
___