priv(5)


priv -- include file for user-level privilege definitions

Synopsis

   #include <sys/types.h>
   #include <priv.h>

Description

This header file is used by all user-level privilege commands and programs that manipulate privileges. It contains several macros used by user-level programs. The external (user-level) privilege representation, which is defined in /usr/include/sys/privilege.h, consists of a numerical designation for each privilege set or type (working and maximum for processes, and fixed and inheritable for files), bitwise OR'ed with a designation for the particular privilege.

The file also contains macro definitions for the command arguments to the filepriv(2), procpriv(2), and procprivl(3C) calls in addition to the typedef for the user-level definition of a privilege type and privilege set.

Finally, this file also contains user-level macro definitions used in privilege-related calls made by various commands. Four macros, described below, are used to simplify construction of privilege representation. Rather than taking the representation of the individual privilege and OR'ing it with the representation of the desired privilege type, the user can simply call the desired macro with the privilege position. All of these macros return -1 if called with an invalid privilege.


pm_work(p)
returns the representation for the specified privilege p in the working set

pm_max(p)
returns the representation for the specified privilege p in the maximum set

pm_fixed(p)
returns the representation for the specified privilege p in the fixed set

pm_inher(p)
returns the representation for the specified privilege p in the inheritable set

The above four macros can then used in defining macros to simplify calls to routines that handle privileges. The file contains a number of macro definitions using the pm_work macro, used in the source code in calls to procprivl(3C). For example, if a programmer wished to set the macread and dacread privileges in the working set of the process, a call to procprivl might be made as follows:

   procprivl(SETPRV,(P_MACREAD|PS_WKG),(P_DACREAD|PS_WKG),(priv_t)0);

Using the macros MACREAD_W and DACREAD_W defined in this file, the call could be simplified to:

   procprivl(SETPRV, MACREAD_W, DACREAD_W, (priv_t)0);

Further simplification would be possible in this instance using the READ_W macro defined in the file.

References

filepriv(2), privilege(5), procpriv(2)
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004