Trusted Solaris Developer's Guide

Data Types, Header Files, and Libraries

To use the programming interfaces described in this chapter, you need the following header file.

#include <tsol/priv.h>

The examples in this chapter compile with the following library:

-ltsol

Single Privileges

A single privilege is represented by the priv_t type definition. You initialize a variable of type priv_t with a privilege ID, which can be either the constant name or the numeric ID. The constant name is preferred because it makes your code easier to read.

priv_t priv_id = PRIV_FILE_DAC_WRITE;

Privilege Set Structure

Privilege sets are represented by the priv_set_t data structure. You initialize variables of type priv_set_t with either the PRIV_ASSERT macro or the str_to_priv_set(3TSOL) routine. Use PRIV_ASSERT to assert one privilege at a time by its privilege ID. Use str_to_priv_set to convert a string of one or more privileges into a privilege set through a single interface.

File Privilege Sets

The type of file privilege set to be worked on is represented by the priv_ftype_t type definition. Values are PRIV_ALLOWED and PRIV_FORCED.

Process Privilege Sets

The type of process privilege set to be worked on is represented by the priv_ptype_t type definition. Values are PRIV_EFFECTIVE, PRIV_INHERITABLE, PRIV_PERMITTED, and PRIV_SAVED.

Operations on File and Process Sets

The type of operation performed on a file or process privilege set is represented by the priv_op_t type definition. Not all operations are valid for every type of privilege set. Read the privilege set descriptions in "Privilege Sets" for details.

Values are the following: