il-def-privs Wdiff usr/src/man/man3c/priv_addset.3c

Print this page

uts: add a concept of a 'default' set of privileges, separate from 'basic'

Split	Close
Expand all
Collapse all

          --- old/usr/src/man/man3c/priv_addset.3c.man.txt
          +++ new/usr/src/man/man3c/priv_addset.3c.man.txt
   1    1  PRIV_ADDSET(3C)          Standard C Library Functions          PRIV_ADDSET(3C)
   2    2  
   3    3  
   4    4  
   5    5  NAME
   6    6         priv_addset, priv_allocset, priv_copyset, priv_delset, priv_emptyset,
   7      -       priv_basicset, priv_fillset, priv_freeset, priv_intersect,
   8      -       priv_inverse, priv_isemptyset, priv_isequalset, priv_isfullset,
   9      -       priv_ismember, priv_issubset, priv_union - privilege set manipulation
  10      -       functions
        7 +       priv_basicset, priv_defaultset, priv_fillset, priv_freeset,
        8 +       priv_intersect, priv_inverse, priv_isemptyset, priv_isequalset,
        9 +       priv_isfullset, priv_ismember, priv_issubset, priv_union - privilege
       10 +       set manipulation functions
  11   11  
  12   12  SYNOPSIS
  13   13         #include <priv.h>
  14   14  
  15   15         int priv_addset(priv_set_t *sp, const char *priv);
  16   16  
  17   17  
  18   18         priv_set_t *priv_allocset(void);
  19   19  
  20   20

  21   21         void priv_copyset(const priv_set_t *src, priv_set_t *dst);
  22   22

↓ open down ↓

2 lines elided

↑ open up ↑

  23   23  
  24   24         int priv_delset(priv_set_t *sp, const char *priv);
  25   25  
  26   26  
  27   27         void priv_emptyset(priv_set_t *sp);
  28   28  
  29   29  
  30   30         void priv_basicset(priv_set_t *sp);
  31   31  
  32   32  
       33 +       void priv_defaultset(priv_set_t *sp);
       34 +
       35 +
  33   36         void priv_fillset(priv_set_t *sp);
  34   37  
  35   38  
  36   39         void priv_freeset(priv_set_t *sp);
  37   40  
  38   41  
  39   42         void priv_intersect(const priv_set_t *src, priv_set_t *dst);
  40   43  
  41   44  
  42   45         void priv_inverse(priv_set_t *sp);

  43   46  
  44   47  
  45   48         boolean_t priv_isemptyset(const priv_set_t *sp);
  46   49  
  47   50  
  48   51         boolean_t priv_isequalset(const priv_set_t *src, const priv_set_t *dst);
  49   52  
  50   53  
  51   54         boolean_t priv_isfullset(const priv_set_t *sp);
  52   55  
  53   56  
  54   57         boolean_t priv_ismember(const priv_set_t *sp, const char *priv);
  55   58  
  56   59  
  57   60         boolean_t priv_issubset(const priv_set_t *src, const priv_set_t *dst);
  58   61  
  59   62  
  60   63         void priv_union(const priv_set_t *src, priv_set_t *dst);
  61   64  
  62   65  
  63   66  DESCRIPTION
  64   67         The sp, src, and dst arguments point to privilege sets. The priv
  65   68         argument points to a named privilege.
  66   69  
  67   70  
  68   71         The priv_addset() function adds the named privilege priv to sp.
  69   72  
  70   73  
  71   74         The priv_allocset() function allocates sufficient memory to contain a
  72   75         privilege set. The value of the returned privilege set is
  73   76         indeterminate. The function returns NULL and sets errno when it fails
  74   77         to allocate memory.
  75   78  
  76   79  
  77   80         The priv_copyset() function copies the set src to dst.
  78   81

↓ open down ↓

36 lines elided

↑ open up ↑

  79   82  
  80   83         The priv_delset() function removes the named privilege priv from sp.
  81   84  
  82   85  
  83   86         The priv_emptyset() function clears all privileges from sp.
  84   87  
  85   88  
  86   89         The priv_basicset() function copies the basic privilege set to sp.
  87   90  
  88   91  
       92 +       The priv_defaultset() function copies the default privilege set to sp.
       93 +
       94 +
  89   95         The priv_fillset() function asserts all privileges in sp, including the
  90   96         privileges not currently defined in the system.
  91   97  
  92   98  
  93   99         The priv_freeset() function frees the storage allocated by
  94  100         priv_allocset().
  95  101  
  96  102  
  97  103         The priv_intersect() function intersects src with dst and places the
  98  104         results in dst.

  99  105  
 100  106  
 101  107         The priv_inverse() function inverts the privilege set given as argument
 102  108         in place.
 103  109  
 104  110  
 105  111         The priv_isemptyset() function checks whether the argument is an empty
 106  112         set.
 107  113  
 108  114  
 109  115         The priv_isequalset() function checks whether the privilege set src is
 110  116         equal to dst.
 111  117  
 112  118  
 113  119         The priv_isfullset() function checks whether the argument is a full
 114  120         set.  A full set is a set with all bits set, regardless of whether the
 115  121         privilege is currently defined in the system.
 116  122  
 117  123  
 118  124         The priv_ismember() function checks whether the named privilege priv is
 119  125         a member of sp.
 120  126  
 121  127  
 122  128         The priv_issubset() function checks whether src is a subset of dst.
 123  129  
 124  130  
 125  131         The priv_union() function takes the union of src and dst and places the
 126  132         result in dst.
 127  133  
 128  134  RETURN VALUES
 129  135         Upon successful completion, priv_allocset() returns a pointer to an
 130  136         opaque data structure. It returns NULL if memory allocation fails and
 131  137         sets errno to indicate the error.
 132  138  
 133  139  
 134  140         Upon successful completion, priv_isemptyset(), priv_isfullset(),
 135  141         priv_isequalset(), priv_issubset(), and priv_ismember() return B_TRUE.
 136  142         Otherwise, they return B_FALSE.
 137  143  
 138  144  
 139  145         Upon successful completion, priv_delset() and priv_addset() return 0.
 140  146         Otherwise, they return -1 and set errno to indicate the error.
 141  147  
 142  148  ERRORS
 143  149         The priv_allocset() function will fail if:
 144  150  
 145  151         ENOMEM
 146  152                   The physical limits of the system are exceeded by the memory
 147  153                   allocation needed to hold a privilege set.
 148  154  
 149  155  
 150  156         EAGAIN
 151  157                   There is insufficient memory for allocation to hold a
 152  158                   privilege set. The application can try again later.
 153  159  
 154  160  
 155  161  
 156  162         The priv_delset() and priv_addset() functions will fail if:
 157  163  
 158  164         EINVAL
 159  165                   The privilege argument is not a valid privilege name.
 160  166  
 161  167  
 162  168  ATTRIBUTES
 163  169         See attributes(5) for descriptions of the following attributes:
 164  170  
 165  171  
 166  172  
 167  173  
 168  174         +--------------------+-----------------+
 169  175         |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
 170  176         +--------------------+-----------------+
 171  177         |Interface Stability | Evolving        |
 172  178         +--------------------+-----------------+
 173  179         |MT-Level            | MT-Safe         |
 174  180         +--------------------+-----------------+
 175  181  
 176  182  SEE ALSO
 177  183         setppriv(2), malloc(3C), priv_str_to_set(3C), attributes(5),
 178  184         privileges(5)
 179  185  
 180  186  NOTES
 181  187         The functions that compare sets operate on all bits of the set,
 182  188         regardless of whether the specific privileges are currently defined in
 183  189         the system.
 184  190  
 185  191  
 186  192  
 187  193                                 September 8, 2015               PRIV_ADDSET(3C)

↓ open down ↓

89 lines elided

↑ open up ↑

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX