Purpose
Queries the
command security information in the privileged command database.
Library
Security
Library (libc.a)
Description
The getcmdattr subroutine
reads a specified attribute from the command database. If the database
is not open, this subroutine does an implicit open for reading. For
attributes of the SEC_CHAR and SEC_LIST types, the getcmdattr subroutine
returns the value to the allocated memory. Caller needs to free this
memory.
Parameters
Item |
Description |
Command |
Specifies the command name. The value should
be the full path to the command on the system. |
Attribute |
Specifies the attribute to read. The following
possible attributes are defined in the usersec.h file: - S_ACCESSAUTHS
- Access authorizations. The attribute type is SEC_LIST and
is a null-separated list of authorization names. Sixteen authorizations
can be specified. A user with one of the authorizations is allowed
to run the command. In addition to the user-defined and system-defined
authorizations available on the system, the following three special
values are allowed:
- ALLOW_OWNER
- Allows the command owner to run the command without checking for
access authorizations.
- ALLOW_GROUP
- Allows the command group to run the command without checking for
access authorizations.
- ALLOW_ALL
- Allows every user to run the command without checking for access
authorizations.
- S_AUTHPRIVS
- Authorized privileges. The attribute type is SEC_LIST.
Privilege authorization and authorized privileges pairs indicate process
privileges during the execution of the command corresponding to the
authorization that the parent process possesses. The authorization
and its corresponding privileges are separated by an equal sign (=);
individual privileges are separated by a plus sign (+); the authorization
and privileges pairs are separated by a comma (,) as shown in the
following illustration:
auth=priv+priv+...,auth=priv+priv...,...
The
number of authorization and privileges pairs is limited to sixteen.
- S_AUTHROLES
- The role or list of roles, users having these have to be authenticated
to allow execution of the command. The attribute type is SEC_LIST.
- S_INNATEPRIVS
- Innate privileges. This is a null-separated list of privileges
that are assigned to the process when running the command. The attribute
type is SEC_LIST.
- S_INHERITPRIVS
- Inheritable privileges. This is a null-separated list of privileges
that are passed to child process privileges. The attribute type is SEC_LIST.
- S_EUID
- The effective user ID to be assumed when running the command.
The attribute type is SEC_INT.
- S_EGID
- The effective group ID to be assumed when running the command.
The attribute type is SEC_INT.
- S_RUID
- The real user ID to be assumed when running the command. The attribute
type is SEC_INT.
|
Value |
Specifies a pointer, or a pointer to a pointer
according to the value specified in the Attribute and Type parameters.
See the Type parameter for more details. |
Type |
Specifies the type of attribute. The following
valid types are defined in the usersec.h file: - SEC_INT
- The format of the attribute is an integer. For the subroutine,
the user should supply a pointer to a defined integer variable.
- SEC_CHAR
- The format of the attribute is a null-terminated character string.
For the subroutine, the user should supply a pointer to a defined
character pointer variable. Caller needs to free this memory.
- SEC_LIST
- The format of the attribute is a series of concatenated strings
that each of which is null-terminated. The last string in the series
is terminated by two successive null characters. For the subroutine,
the user should supply a pointer to a defined character pointer variable.
Caller needs to free this memory.
|
Security
Files
Accessed: File |
Mode |
/etc/security/privcmds |
rw |
Return Values
If
successful, the getcmdattr subroutine returns zero. Otherwise,
a value of -1 is returned and the errno global value is set
to indicate the error.
Error Codes
If the getcmdattr subroutine
fails, one of the following errno values is set:
Item |
Description |
EINVAL |
The Command parameter is NULL or default. |
EINVAL |
The Attribute array or the Type parameter
is NULL or does not contain one of the defined values. |
ENOATTR |
The Attribute array is S_PRIVCMDS,
but the Command parameter is not ALL. |
ENOENT |
The command specified in the Command parameter
does not exist. |
ENOATTR |
The attribute specified in the Attribute array
is valid, but no value is defined for the command. |
EPERM |
The operation is not permitted. |
EIO |
Failed to access remote command database. |