priv_add.3 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

priv_add(3) priv_add(3)

the effective privilege set, the privilege should be present in the permitted privilege set of the

calling process.

priv_remove()

Removes the given privilege(s) from the calling process’ privilege set. The priv_type argument

speciﬁes the privilege set to be modiﬁed. Privileges removed from permitted privilege set are

also removed from effective and retained privilege sets of the calling process.

priv_set_effective()

Sets the effective privilege set of the calling process to the given privilege(s).

privset_add_effective()

Similar to priv_add_effective()

, except that it uses a privilege set type to specify the

privileges to add to the calling process’ effective privilege set.

privset_get() and priv_get()

These two functions return the privilege set speciﬁed by the priv_type argument of the pid pro-

cess. If pid is

0, the calling process’s privilege set is returned.

The

privset_get()

function returns the privileges as a vector, while the priv_get()

function returns the same as a char string.

The caller must free the memory allocated for the privilege vector or string when it is no longer

referenced, by using

privset_free()

or free() as appropriate.

privset_remove()

Similar to priv_remove(), except that it uses a privilege set type to specify the privileges to

remove from the calling process’ effective privilege set.

privset_set_effective()

Similar to priv_set_effective()

, except that it uses a privilege set type to specify the

privileges to set the calling process’ effective privilege set.

RETURN VALUE

Upon successful completion,

priv_add_effective()

, priv_set_effective(),

priv_remove(), privset_add_effective()

, privset_set_effective()

, and

privset_remove()

return the following values:

0 Successful completion.

-1 Function failed. errno is set to indicate the error.

privset_get() and priv_get() return the following values:

pointer Successful completions. Returns a non-null pointer to the privilege vector and

privilege string; for

privset_get()

and priv_get(), respectively. The caller

privset_get() is responsible for freeing the resultant privilege vector using

priv_freeset(). The caller of

priv_get() is responsible for freeing the

resultant privilege string using

free().

NULL pointer Function failed. Returns a null pointer and sets

errno to indicate the error.

ERRORS

If any of the following conditions occur, the functions fail and set

errno.

[EINVAL] Invalid parameter or operation.

[ENOMEM] The function failed to allocate sufﬁcient memory for its operation.

[EPERM] The privilege to be set in the effective set is not present in the permitted set.

Attempt to add or remove privileges of a different process fails.

[ESRCH] pid is not valid.

EXAMPLES

#include <sys/privileges.h>

#include <stdio.h>

#include <stdlib.h>

#define priv_list "basic,policy,limit,!cmptread,!fork"

main()

{

2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: September 2010