Queries the authorizations that are defined in the authorization database.
Security Library (libc.a)
The getauthattr subroutine reads a specified attribute from the authorization database. The getauthattr subroutine can retrieve authorization definitions from both the user-defined authorization database and the system-defined authorization table. For attributes of the SEC_CHAR and SEC_LIST types, the getauthattr subroutine returns the value in allocated memory. The caller needs to free this memory.
Item | Description |
---|---|
Auth | The authorization name. This parameter must be specified unless the Type parameter is SEC_COMMIT. |
Attribute | Specifies which attribute is read. The following
possible attributes are defined in the usersec.h file:
|
Value | Specifies a buffer, a pointer to a buffer, or a pointer to a pointer depending on the Attribute and Type parameters. See the Type parameter for more details. |
Type | Specifies the type of attribute expected. Valid
types are defined in the usersec.h file and include:
|
File | Mode |
---|---|
/etc/security/authorizations | rw |
If successful, the getauthattr subroutine returns 0. Otherwise, a value of -1 is returned and the errno global value is set to indicate the error.
If the getauthattr subroutine fails, one of the following errno values can be set:
Item | Description |
---|---|
EINVAL | The Auth parameter is NULL or one of the reserved authorization names (default, ALLOW_OWNER, ALLOW_GROUP, ALLOW_ALL). |
EINVAL | The Attribute or Type parameter is NULL or does not contain one of the defined values. |
EINVAL | The Auth parameter is ALL and the Attribute parameter is not S_AUTHORIZATIONS. |
EINVAL | The Value parameter does not point to a valid buffer for this type of attribute. |
ENOATTR | The Attribute parameter is S_AUTHORIZATIONS, but the Auth parameter is not ALL. |
ENOATTR | The attribute specified in the Attribute parameter is valid but no value is defined for the authorization. |
ENOENT | The authorization specified in the Auth parameter does not exist. |
ENOMEM | Memory cannot be allocated. |
EPERM | The operation is not permitted. |
EACCES | Access permission is denied for the data request. |