Manualshelf

HP-UX Reference (11i v3 07/02) - 5 Miscellaneous Topics (vol 9)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals
361362363364365366367368369370
p
privgrp(5) privgrp(5)
NAME
privgrp - HP-UX group privileges
DESCRIPTION
HP-UX allows subletting of limited superuser-like privileges to all users or to members of a particular
group or groups. This capability is deprecated and only existing applications should use it. The newer
fine-grained privilege facilities described in privileges(5) should be used by new applications.
The
<sys/privgrp.h>
header defines the following symbolic privilege names:
PRIV_CHOWN ,
PRIV_FSSTHREAD
, PRIV_LOCKRDONLY
, PRIV_MLOCK , PRIV_MPCTL , PRIV_PSET,
PRIV_RTPRIO , PRIV_RTSCHED , PRIV_SERIALIZE
, PRIV_SETRUGID
, and PRIV_SPUCTL .
All but one of the group privileges are supported as fine-grained privileges and described in privileges(5).
The one group privilege not supported as a fine-grained privilege is:
PRIV_SETRUGID
Permits the use of the
setuid() and setgid() system calls for changing respec-
tively the real user ID and real group ID of a process (see setuid(2)). This behavior of
setuid() is deprecated and only legacy applications should use it. Newer applica-
tions should use setresuid(geteuid(), -1, -1)
and
setresgid(getegid(), -1, -1)
, respectively, to achieve the same effect.
(No special privileges required.)
The
<sys/privgrp.h>
header defines two additional symbolic constants:
PRIV_MAXGRPS
defines the maximum number of groups with special privileges. Of this maximum,
one is reserved for global privileges (granted to all processes) and the remainder can
be assigned to actual group IDs.
PRIV_MASKSIZ
defines the size of the multi-word mask used in defining privileges associated with a
group ID.
The setprivgrp and getprivgrp commands and the setprivgrp() and getprivgrp() system
calls may be used to define and query the privilege group associations.
The group privileges are automatically initialized from the contents of
/etc/privgroup (see privgrp(4))
at boot time.
WARNINGS
This mechanism is deprecated and only legacy applications should use it. See privileges(5) for a description
of fine-grained privileges.
SEE ALSO
getprivgrp(1), setprivgrp(1M), chown(2), getprivgrp(2), lockf(2), mpctl(2), plock(2), pset_create(2), rtprio(2),
rtsched(2), serialize(2), setgid(2), setuid(2), shmctl(2), privgrp(4), privileges(5).
HP-UX 11i Version 3: February 2007 1 Hewlett-Packard Company 365