PRIV_SET(3C) | Standard C Library Functions | PRIV_SET(3C) |
priv_set
, priv_ineffect
—
#include <priv.h>
int
priv_set
(priv_op_t op,
priv_ptype_t which, ...);
boolean_t
priv_ineffect
(const char
*priv);
priv_set
() is a convenient wrapper for the
setppriv(2) function. It takes three
or more arguments. The operation argument, op, can be
one of PRIV_OFF
, PRIV_ON
or
PRIV_SET
. The which argument is
the name of the privilege set to change, one of
PRIV_EFFECTIVE
,
PRIV_INHERITABLE
,
PRIV_PERMITTED
, PRIV_LIMIT
or
the special pseudo set PRIV_ALLSETS
if the operation
should be applied to all privilege sets. Subsequent arguments provide zero or
more privilege names, terminated with a NULL
pointer.
See EXAMPLES.
The specified privileges are converted to a binary privilege set
and setppriv(2) is called with the
same op and which arguments.
When called with PRIV_ALLSETS
as the value for the
which argument,
setppriv(2) is called for each set
in turn, aborting on the first failed call.
priv_ineffect
() is a convenient wrapper
for the getppriv(2) function. The
priv argument specifies the name of a privilege, and
this function checks for its presence in the effective set.
priv_set
() return 0.
Otherwise, -1 is returned and errno
is set to indicate
the error.
If priv is a valid privilege that is a
member of the effective set, priv_ineffect
() returns
B_TRUE
. Otherwise, it returns
B_FALSE
and sets errno
to
indicate the error.
priv_set
()
#include <priv.h> ... /* Remove basic privileges we don't need */ (void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_PROC_EXEC, PRIV_PROC_INFO, PRIV_FILE_LINK_ANY, PRIV_PROC_SESSION, NULL);
priv_set
() function will fail if:
EINVAL
ENOMEM
EPERM
PRIV_LIMIT
or
PRIV_PERMITTED
, or the application attempted to
add privileges to PRIV_INHERITABLE
or
PRIV_EFFECTIVE
that were not in
PRIV_PERMITTED
.The priv_ineffect
() function will fail
if:
June 3, 2022 | OmniOS |