Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > P

privgrp(5)

HP-UX 11i Version 3: February 2007
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

NAME

privgrp — HP-UX group privileges

DESCRIPTION

HP-UX allows subletting of limited superuser-like privileges to all users or to members of a particular group or groups. This capability is deprecated and only existing applications should use it. The newer fine-grained privilege facilities described in privileges(5) should be used by new applications.

The <sys/privgrp.h> header defines the following symbolic privilege names: PRIV_CHOWN, PRIV_FSSTHREAD, PRIV_LOCKRDONLY, PRIV_MLOCK, PRIV_MPCTL, PRIV_PSET, PRIV_RTPRIO, PRIV_RTSCHED, PRIV_SERIALIZE, PRIV_SETRUGID, and PRIV_SPUCTL.

All but one of the group privileges are supported as fine-grained privileges and described in privileges(5). The one group privilege not supported as a fine-grained privilege is:

PRIV_SETRUGID

Permits the use of the setuid() and setgid() system calls for changing respectively the real user ID and real group ID of a process (see setuid(2)). This behavior of setuid() is deprecated and only legacy applications should use it. Newer applications should use setresuid(geteuid(), -1, -1) and setresgid(getegid(), -1, -1), respectively, to achieve the same effect. (No special privileges required.)

The <sys/privgrp.h> header defines two additional symbolic constants:

PRIV_MAXGRPS

defines the maximum number of groups with special privileges. Of this maximum, one is reserved for global privileges (granted to all processes) and the remainder can be assigned to actual group IDs.

PRIV_MASKSIZ

defines the size of the multi-word mask used in defining privileges associated with a group ID.

The setprivgrp and getprivgrp commands and the setprivgrp() and getprivgrp() system calls may be used to define and query the privilege group associations.

The group privileges are automatically initialized from the contents of /etc/privgroup (see privgrp(4)) at boot time.

WARNINGS

This mechanism is deprecated and only legacy applications should use it. See privileges(5) for a description of fine-grained privileges.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.