cmpt_change.3 (2010 09)
c
cmpt_change(3) cmpt_change(3)
NAME
cmpt_change(), cmpt_get() - set and get process’ compartment
SYNOPSIS
#include <sys/cmpt.h>
int cmpt_change(cmpt_t
cid);
cmpt_t cmpt_get(pid_t
pid);
Parameters
cid Compartment ID.
pid Process ID of the target process or 0 for the calling process.
DESCRIPTION
The cmpt_change()
and cmpt_get() functions query and manipulate the compartment of a process.
The
cmpt_get() function returns the given process’ compartment ID. If 0 is passed as the pid parame-
ter, the compartment ID of the calling process is returned.
The
cmpt_change()
function changes the calling process’ compartment ID to be the value of cid.
Security Restrictions
In order for the
cmpt_change()
function to be effective, the calling process must possess the
CHANGECMPT privilege. See privileges (5) for more information about privileges.
RETURN VALUE
cmpt_get() returns the following values:
n
>0 Successful completion. The function returns a valid compartment ID.
-1 Function failed. errno is set to indicate the error.
cmpt_change() returns the following values:
0 Successful completion.
-1 Function failed. errno is set to indicate the error.
ERRORS
If any of the following conditions occur, the functions fail and set
errno.
[EINVAL] Invalid compartment ID specified.
[ENOMEM] The function failed to allocate sufficient memory for its operation.
[EPERM] The process does not have the
CHANGECMPT privilege.
[ESRCH] pid is not valid.
EXAMPLES
#include <errno.h>
#include <sys/cmpt.h>
main()
{
cmpt_t c = cmpt_getbyname("init");
if (cmpt_change(c) == -1 )
{
perror("could not enter init compartment");
exit(1);
}
printf("The process is now running in compartment %d\n",
cmpt_get(0));
}
HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1