xref: /illumos-gate/usr/src/man/man3c/priv_set.3c (revision 14b24e2b79293068c8e016a69ef1d872fb5e2fd5)
te
Copyright (c) 2003, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
PRIV_SET 3C "Sep 25, 2003"
NAME
priv_set, priv_ineffect - change privilege sets and check whether privileges are set
SYNOPSIS

#include <priv.h>

int priv_set(priv_op_t op, priv_ptype_t which...);

boolean_t priv_ineffect(const char *priv);
DESCRIPTION

The priv_set() function is a convenient wrapper for the setppriv(2) function. It takes three or more arguments. The operation argument, op, can be one of PRIV_OFF, PRIV_ON or PRIV_SET. The which argument is the name of the privilege set to change. The third argument is a list of zero or more privilege names terminated with a null pointer. If which is the special pseudo set PRIV_ALLSETS, the operation should be applied to all privilege sets.

The specified privileges are converted to a binary privilege set and setppriv() is called with the same op and which arguments. When called with PRIV_ALLSETS as the value for the which argument, setppriv() is called for each set in turn, aborting on the first failed call.

The priv_ineffect() function is a conventient wrapper for the getppriv(2) function. The priv argument specifies the name of the privilege for which this function checks its presence in the effective set.

RETURN VALUES

Upon successful completion, priv_set() return 0. Otherwise, -1 is returned and errno is set to indicate the error.

If priv is a valid privilege that is a member of the effective set, priv_ineffect() returns B_TRUE. Otherwise, it returns B_FALSE and sets errno to incicate the error.

ERRORS

The priv_set() function will fail if: EINVAL

The value of op or which is out of range.

ENOMEM

Insufficient memory was allocated.

EPERM

The application attempted to add privileges to PRIV_LIMIT or PRIV_PERMITTED, or the application attempted to add privileges to PRIV_INHERITABLE or PRIV_EFFECTIVE that were not in PRIV_PERMITTED.

The priv_ineffect() function will fail if: EINVAL

The privilege specified by priv is invalid.

ENOMEM

Insufficient memory was allocated.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
Interface Stability Evolving
MT-Level MT-Safe
SEE ALSO

setppriv(2), priv_str_to_set(3C), attributes(5), privileges(5)