Open System Services Porting Guide (G06.29+, H06.06+, J06.03+)
file. However, processes that have an effective user ID equal to the file owner can only change
the group of a file to a group to which they belong (their effective group or one of their
supplementary groups).
For files in restricted-access filesets, a process started by a member of the Safeguard
SECURITY-OSS-ADMINISTRATOR (SOA) group has the appropriate privilege to use this function
on any file in the restricted-access fileset. However, if the executable file used by that process does
not have the PRIVSOARFOPEN privilege, the set-user-ID and set-group-ID bits of the file mode
(04000 and 02000 respectively) of the modified file are cleared.
See also “Special Considerations for Files in Restricted-Access Filesets” (page 122).
The _POSIX_CHOWN_RESTRICTED feature of this call is enforced for OSS files.
The ownership of Guardian disk files can be changed by using chown(), but attempts to change
the ownership of other Guardian files results in an error. The Guardian security model is used, and
any user can be given ownership of the file. Changing the owner ID has the side effect of changing
the group ID to the Guardian group of the new owner. The _POSIX_CHOWN_RESTRICTED feature
is ignored for files in the Guardian file system.
Using the chroot() Function
The chroot() function changes the effective root directory. The chroot() function can be called
on the /G directory, a disk volume name, or a subvolume name. If a process name or a reserved
name is specified in the path parameter, the function fails and returns an error.
Using the fcntl() Function
The fcntl() function controls open file descriptors. An OSS advisory lock can be performed on
Guardian regular files as well as on OSS files. Calling the fcntl() function to unlock a Guardian
file affects only OSS locks on that file. If the file has also been locked by a Guardian procedure
call, the Guardian locks are unaffected by a fcntl() call.
fcntl() can be called from a native OSS process or a TNS Guardian process.
Using the link() Function
The link() function call is not supported for linking across OSS filesets or for OSS directories.
Links to Guardian files, to /dev/tty, to /dev/null, or to the directory called lost+found in
the root directory of an OSS fileset are not allowed.
See also “Special Considerations for Files in Restricted-Access Filesets” (page 122).
Using the lseek() Function
You cannot use the lseek() function call with pipes, FIFO files, character special files, or other
devices. Seeks are not allowed on Guardian EDIT files, unless the offset parameter is 0 (zero)
and the whence parameter is set to SEEK_SET; otherwise, an error is returned.
Using the lstat(), lstat64(), readlink(), and symlink() Functions
You cannot use the lstat(), lstat64(), readlink(), or symlink() functions to set symbolic
links in the Guardian file system. However, Guardian files can be pointed to by symbolic links
created in the OSS file system.
Using the mkdir() Function
You are allowed to use the mkdir() function call in the OSS file system as long as you do not
set any bits in the mode parameter other than the file permission bits, S_ISVTX, and S_IFDIR.
The group ID is set to the group ID of the parent directory if the S_ISGID parameter is set in the
parent directory; otherwise, the group ID is set to the effective group ID of the calling process.
mkdir() cannot be used to create a directory named /dev, /dev/null, /dev/tty, or
/lost+found in the root directory of an OSS fileset.
124 Porting UNIX Applications to the OSS Environment