| PRIV_SET(3C) | Standard C Library Functions | PRIV_SET(3C) |
priv_set,
priv_ineffect — change
privilege sets and check whether privileges are set
#include
<priv.h>
int
priv_set(priv_op_t op,
priv_ptype_t which, ...);
boolean_t
priv_ineffect(const char
*priv);
priv_set()
is a convenient wrapper for the
setppriv(2) function. It takes three
or more arguments. The operation argument, op, can be
one of PRIV_OFF, PRIV_ON or
PRIV_SET. The which argument
is the name of the privilege set to change, one of
PRIV_EFFECTIVE,
PRIV_INHERITABLE,
PRIV_PERMITTED, PRIV_LIMIT
or the special pseudo set PRIV_ALLSETS if the
operation should be applied to all privilege sets. Subsequent arguments
provide zero or more privilege names, terminated with a
NULL pointer. See
EXAMPLES.
The specified privileges are converted to a binary privilege set
and setppriv(2) is called with the
same op and which arguments.
When called with PRIV_ALLSETS as the value for the
which argument,
setppriv(2) is called for each set
in turn, aborting on the first failed call.
priv_ineffect()
is a convenient wrapper for the
getppriv(2) function. The
priv argument specifies the name of a privilege, and
this function checks for its presence in the effective set.
Upon successful completion, priv_set()
return 0. Otherwise, -1 is returned and errno is set
to indicate the error.
If priv is a valid privilege that is a
member of the effective set, priv_ineffect() returns
B_TRUE. Otherwise, it returns
B_FALSE and sets errno to
indicate the error.
Example
1 Using priv_set()
#include <priv.h>
...
/* Remove basic privileges we don't need */
(void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_PROC_EXEC,
PRIV_PROC_INFO, PRIV_FILE_LINK_ANY, PRIV_PROC_SESSION,
NULL);
The priv_set() function will fail if:
EINVALENOMEMEPERMPRIV_LIMIT or
PRIV_PERMITTED, or the application attempted to
add privileges to PRIV_INHERITABLE or
PRIV_EFFECTIVE that were not in
PRIV_PERMITTED.The priv_ineffect() function will fail
if:
setppriv(2), priv_str_to_set(3C), attributes(7), privileges(7)
| June 3, 2022 | OmniOS |