xref: /freebsd/lib/libsys/setgroups.2 (revision db33c6f3ae9d1231087710068ee4ea5398aacca7)
1.\" Copyright (c) 1983, 1991, 1993, 1994
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.Dd January 19, 2018
29.Dt SETGROUPS 2
30.Os
31.Sh NAME
32.Nm setgroups
33.Nd set group access list
34.Sh LIBRARY
35.Lb libc
36.Sh SYNOPSIS
37.In sys/param.h
38.In unistd.h
39.Ft int
40.Fn setgroups "int ngroups" "const gid_t *gidset"
41.Sh DESCRIPTION
42The
43.Fn setgroups
44system call
45sets the group access list of the current user process
46according to the array
47.Fa gidset .
48The
49.Fa ngroups
50argument
51indicates the number of entries in the array and must be no
52more than
53.Dv {NGROUPS_MAX}+1 .
54.Pp
55Only the super-user may set a new group list.
56.Pp
57The first entry of the group array
58.Pq Va gidset[0]
59is used as the effective group-ID for the process.
60This entry is over-written when a setgid program is run.
61To avoid losing access to the privileges of the
62.Va gidset[0]
63entry, it should be duplicated later in the group array.
64By convention,
65this happens because the group value indicated
66in the password file also appears in
67.Pa /etc/group .
68The group value in the password file is placed in
69.Va gidset[0]
70and that value then gets added a second time when the
71.Pa /etc/group
72file is scanned to create the group set.
73.Sh RETURN VALUES
74.Rv -std setgroups
75.Sh ERRORS
76The
77.Fn setgroups
78system call will fail if:
79.Bl -tag -width Er
80.It Bq Er EPERM
81The caller is not the super-user.
82.It Bq Er EINVAL
83The number specified in the
84.Fa ngroups
85argument is larger than the
86.Dv {NGROUPS_MAX}+1
87limit.
88.It Bq Er EFAULT
89The address specified for
90.Fa gidset
91is outside the process
92address space.
93.El
94.Sh SEE ALSO
95.Xr getgroups 2 ,
96.Xr initgroups 3
97.Sh HISTORY
98The
99.Fn setgroups
100system call appeared in
101.Bx 4.2 .
102