Trusted Solaris Developer's Guide

Interface Declarations

The following interfaces are available for handling file and process privilege sets. Where one set of interfaces accesses a file by pathname and another accesses it by file descriptor, the examples use only the pathname interfaces because the syntax is almost identical.

System Calls

These system calls get and set file and process privilege sets.

File Sets

These system calls get and set the file privilege set using the full path name of the file. Refer to the getfpriv(2) man page.

int getfpriv( char *path,
	priv_ftype_t type,
	priv_set_t *priv_set);

int setfpriv( char *path,
	priv_op_t op,
	priv_ftype_t type,
	priv_set_t *priv_set);

These system calls get and set the file privilege set using a file descriptor. Refer to the getfpriv(2) man page.

int fgetfpriv(int fd,
	priv_ftype_t type,
	priv_set_t *priv_set);

int fsetfpriv(int fd,
	priv_op_t op,
	priv_ftype_t type,
	priv_set_t *priv_set);

Process Sets

These system calls get and set process privilege sets. Refer to the getppriv(2) man page.

int getppriv(priv_ptype_t type, priv_set_t *priv_set);

int setppriv(priv_op_t op,
	priv_ptype_t type,
	priv_set_t *priv_set);

Note -

You can also use the library routines below to access process privilege sets. The syntax is a little different, but the semantics are the same.


Library Routines

These library routines get process privilege sets, convert a privilege ID or privilege set between binary and text, and get the privilege description text for a specified privilege ID.

Process Privilege Sets

These library routines set the effective, permitted, and inheritable privilege sets on a process. Refer to the set_effective_priv(3TSOL) man page.

int set_effective_priv(priv_op_t op, int privno, priv_t priv_id);

int set_permitted_priv(priv_op_t op, int privno, priv_t priv_id);

int set_inheritable_priv(priv_op_t op, int privno, priv_t priv_id);

Note -

You can also use setppriv(2) and getppriv(2) to access process privilege sets. The syntax is a little different, but the semantics are the same.


Binary and Text Privilege Translation

These library routines translate a privilege ID or a privilege set between binary and text. Refer to the priv_to_str(3TSOL) man page.

char* priv_to_str(const priv_t priv_id);

priv_t str_to_priv(const char *priv_name);

char* priv_set_to_str(priv_set_t *priv_set,
	const char sep,
	char *buf, int *blen);

char* str_to_priv_set(const char *priv_names,
	priv_set_t *priv_set,
	const char *sep);

Privilege Description Text

These library routines get the privilege text for a specified privilege ID. Refer to the priv_to_str(3TSOL) man page.

char* get_priv_text(const priv_t priv_id);