il-def-privs Wdiff usr/src/man/man3c/priv_addset.3c

Print this page

uts: add a concept of a 'default' set of privileges, separate from 'basic'

Split	Close
Expand all
Collapse all

          --- old/usr/src/man/man3c/priv_addset.3c
          +++ new/usr/src/man/man3c/priv_addset.3c
   1    1  '\" te
   2    2  .\" Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
   3    3  .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
   4    4  .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
   5    5  .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   6    6  .TH PRIV_ADDSET 3C "Sep 08, 2015"
   7    7  .SH NAME
   8    8  priv_addset, priv_allocset, priv_copyset, priv_delset, priv_emptyset,
   9      -priv_basicset, priv_fillset, priv_freeset, priv_intersect, priv_inverse,
  10      -priv_isemptyset, priv_isequalset, priv_isfullset, priv_ismember,
        9 +priv_basicset, priv_defaultset, priv_fillset, priv_freeset, priv_intersect,
       10 +priv_inverse, priv_isemptyset, priv_isequalset, priv_isfullset, priv_ismember,
  11   11  priv_issubset, priv_union \-
  12   12  privilege set manipulation functions
  13   13  .SH SYNOPSIS
  14   14  .LP
  15   15  .nf
  16   16  #include <priv.h>
  17   17  
  18   18  \fBint\fR \fBpriv_addset\fR(\fBpriv_set_t *\fR\fIsp\fR, \fBconst char *\fR\fIpriv\fR);
  19   19  .fi
  20   20

  21   21  .LP
  22   22  .nf
  23   23  \fBpriv_set_t *\fR\fBpriv_allocset\fR(\fBvoid\fR);
  24   24  .fi
  25   25  
  26   26  .LP
  27   27  .nf
  28   28  \fBvoid\fR \fBpriv_copyset\fR(\fBconst priv_set_t *\fR\fIsrc\fR, \fBpriv_set_t *\fR\fIdst\fR);
  29   29  .fi
  30   30  
  31   31  .LP
  32   32  .nf
  33   33  \fBint\fR \fBpriv_delset\fR(\fBpriv_set_t *\fR\fIsp\fR, \fBconst char *\fR\fIpriv\fR);
  34   34  .fi
  35   35  
  36   36  .LP
  37   37  .nf

↓ open down ↓

17 lines elided

↑ open up ↑

  38   38  \fBvoid\fR \fBpriv_emptyset\fR(\fBpriv_set_t *\fR\fIsp\fR);
  39   39  .fi
  40   40  
  41   41  .LP
  42   42  .nf
  43   43  \fBvoid\fR \fBpriv_basicset\fR(\fBpriv_set_t *\fR\fIsp\fR);
  44   44  .fi
  45   45  
  46   46  .LP
  47   47  .nf
       48 +\fBvoid\fR \fBpriv_defaultset\fR(\fBpriv_set_t *\fR\fIsp\fR);
       49 +.fi
       50 +
       51 +.LP
       52 +.nf
  48   53  \fBvoid\fR \fBpriv_fillset\fR(\fBpriv_set_t *\fR\fIsp\fR);
  49   54  .fi
  50   55  
  51   56  .LP
  52   57  .nf
  53   58  \fBvoid\fR \fBpriv_freeset\fR(\fBpriv_set_t *\fR\fIsp\fR);
  54   59  .fi
  55   60  
  56   61  .LP
  57   62  .nf

  58   63  \fBvoid\fR \fBpriv_intersect\fR(\fBconst priv_set_t *\fR\fIsrc\fR, \fBpriv_set_t *\fR\fIdst\fR);
  59   64  .fi
  60   65  
  61   66  .LP
  62   67  .nf
  63   68  \fBvoid\fR \fBpriv_inverse\fR(\fBpriv_set_t *\fR\fIsp\fR);
  64   69  .fi
  65   70  
  66   71  .LP
  67   72  .nf
  68   73  \fBboolean_t\fR \fBpriv_isemptyset\fR(\fBconst priv_set_t *\fR\fIsp\fR);
  69   74  .fi
  70   75  
  71   76  .LP
  72   77  .nf
  73   78  \fBboolean_t\fR \fBpriv_isequalset\fR(\fBconst priv_set_t *\fR\fIsrc\fR, \fBconst priv_set_t *\fR\fIdst\fR);
  74   79  .fi
  75   80  
  76   81  .LP
  77   82  .nf
  78   83  \fBboolean_t\fR \fBpriv_isfullset\fR(\fBconst priv_set_t *\fR\fIsp\fR);
  79   84  .fi
  80   85  
  81   86  .LP
  82   87  .nf
  83   88  \fBboolean_t\fR \fBpriv_ismember\fR(\fBconst priv_set_t *\fR\fIsp\fR, \fBconst char *\fR\fIpriv\fR);
  84   89  .fi
  85   90  
  86   91  .LP
  87   92  .nf
  88   93  \fBboolean_t\fR \fBpriv_issubset\fR(\fBconst priv_set_t *\fR\fIsrc\fR, \fBconst priv_set_t *\fR\fIdst\fR);
  89   94  .fi
  90   95  
  91   96  .LP
  92   97  .nf
  93   98  \fBvoid\fR \fBpriv_union\fR(\fBconst priv_set_t *\fR\fIsrc\fR, \fBpriv_set_t *\fR\fIdst\fR);
  94   99  .fi
  95  100  
  96  101  .SH DESCRIPTION
  97  102  .LP
  98  103  The \fIsp\fR, \fIsrc\fR, and \fIdst\fR arguments point to privilege sets. The
  99  104  \fIpriv\fR argument points to a named privilege.
 100  105  .sp
 101  106  .LP
 102  107  The \fBpriv_addset()\fR function adds the named privilege \fIpriv\fR to
 103  108  \fIsp\fR.
 104  109  .sp
 105  110  .LP
 106  111  The \fBpriv_allocset()\fR function allocates sufficient memory to contain a
 107  112  privilege set. The value of the returned privilege set is indeterminate. The
 108  113  function returns \fINULL\fR and sets \fBerrno\fR when it fails to allocate
 109  114  memory.
 110  115  .sp
 111  116  .LP
 112  117  The \fBpriv_copyset()\fR function copies the set \fIsrc\fR to \fIdst\fR.
 113  118  .sp
 114  119  .LP

↓ open down ↓

57 lines elided

↑ open up ↑

 115  120  The \fBpriv_delset()\fR function removes the named privilege \fIpriv\fR from
 116  121  \fIsp\fR.
 117  122  .sp
 118  123  .LP
 119  124  The \fBpriv_emptyset()\fR function clears all privileges from \fIsp\fR.
 120  125  .sp
 121  126  .LP
 122  127  The \fBpriv_basicset()\fR function copies the basic privilege set to \fIsp\fR.
 123  128  .sp
 124  129  .LP
      130 +The \fBpriv_defaultset()\fR function copies the default privilege set to
      131 +\fIsp\fR.
      132 +.sp
      133 +.LP
 125  134  The \fBpriv_fillset()\fR function asserts all privileges in \fIsp\fR, including
 126  135  the privileges not currently defined in the system.
 127  136  .sp
 128  137  .LP
 129  138  The \fBpriv_freeset()\fR function frees the storage allocated by
 130  139  \fBpriv_allocset()\fR.
 131  140  .sp
 132  141  .LP
 133  142  The \fBpriv_intersect()\fR function intersects \fIsrc\fR with \fIdst\fR and
 134  143  places the results in \fIdst\fR.

 135  144  .sp
 136  145  .LP
 137  146  The \fBpriv_inverse()\fR function inverts the privilege set given as argument
 138  147  in place.
 139  148  .sp
 140  149  .LP
 141  150  The \fBpriv_isemptyset()\fR function checks whether the argument is an empty
 142  151  set.
 143  152  .sp
 144  153  .LP
 145  154  The \fBpriv_isequalset()\fR function checks whether the privilege set \fIsrc\fR
 146  155  is equal to \fIdst\fR.
 147  156  .sp
 148  157  .LP
 149  158  The \fBpriv_isfullset()\fR function checks whether the argument is a full set.
 150  159  A full set is a set with all bits set, regardless of whether the privilege is
 151  160  currently defined in the system.
 152  161  .sp
 153  162  .LP
 154  163  The \fBpriv_ismember()\fR function checks whether the named privilege
 155  164  \fIpriv\fR is a member of \fIsp\fR.
 156  165  .sp
 157  166  .LP
 158  167  The \fBpriv_issubset()\fR function checks whether \fIsrc\fR is a subset of
 159  168  \fIdst\fR.
 160  169  .sp
 161  170  .LP
 162  171  The \fBpriv_union()\fR function takes the union of \fIsrc\fR and \fIdst\fR and
 163  172  places the result in \fIdst\fR.
 164  173  .SH RETURN VALUES
 165  174  .LP
 166  175  Upon successful completion, \fBpriv_allocset()\fR returns a pointer to an
 167  176  opaque data structure. It returns \fINULL\fR if memory allocation fails and
 168  177  sets \fBerrno\fR to indicate the error.
 169  178  .sp
 170  179  .LP
 171  180  Upon successful completion, \fBpriv_isemptyset()\fR, \fBpriv_isfullset()\fR,
 172  181  \fBpriv_isequalset()\fR, \fBpriv_issubset()\fR, and \fBpriv_ismember()\fR
 173  182  return \fBB_TRUE\fR. Otherwise, they return \fBB_FALSE\fR.
 174  183  .sp
 175  184  .LP
 176  185  Upon successful completion, \fBpriv_delset()\fR and \fBpriv_addset()\fR return
 177  186  0. Otherwise, they return -1 and set \fBerrno\fR to indicate the error.
 178  187  .SH ERRORS
 179  188  .LP
 180  189  The \fBpriv_allocset()\fR function will fail if:
 181  190  .sp
 182  191  .ne 2
 183  192  .na
 184  193  \fB\fBENOMEM\fR\fR
 185  194  .ad
 186  195  .RS 10n
 187  196  The physical limits of the system are exceeded by the memory allocation needed
 188  197  to hold a privilege set.
 189  198  .RE
 190  199  
 191  200  .sp
 192  201  .ne 2
 193  202  .na
 194  203  \fB\fBEAGAIN\fR\fR
 195  204  .ad
 196  205  .RS 10n
 197  206  There is insufficient memory for allocation to hold a privilege set. The
 198  207  application can try again later.
 199  208  .RE
 200  209  
 201  210  .sp
 202  211  .LP
 203  212  The \fBpriv_delset()\fR and \fBpriv_addset()\fR functions will fail if:
 204  213  .sp
 205  214  .ne 2
 206  215  .na
 207  216  \fB\fBEINVAL\fR\fR
 208  217  .ad
 209  218  .RS 10n
 210  219  The privilege argument is not a valid privilege name.
 211  220  .RE
 212  221  
 213  222  .SH ATTRIBUTES
 214  223  .LP
 215  224  See \fBattributes\fR(5) for descriptions of the following attributes:
 216  225  .sp
 217  226  
 218  227  .sp
 219  228  .TS
 220  229  box;
 221  230  c | c
 222  231  l | l .
 223  232  ATTRIBUTE TYPE  ATTRIBUTE VALUE
 224  233  _
 225  234  Interface Stability     Evolving
 226  235  _
 227  236  MT-Level        MT-Safe
 228  237  .TE
 229  238  
 230  239  .SH SEE ALSO
 231  240  .LP
 232  241  \fBsetppriv\fR(2), \fBmalloc\fR(3C), \fBpriv_str_to_set\fR(3C),
 233  242  \fBattributes\fR(5), \fBprivileges\fR(5)
 234  243  .SH NOTES
 235  244  .LP
 236  245  The functions that compare sets operate on all bits of the set, regardless of
 237  246  whether the specific privileges are currently defined in the system.

↓ open down ↓

103 lines elided

↑ open up ↑

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX