setpflags man page on SmartOS

Man page or keyword search:  
man Server   16655 pages
apropos Keyword Search (all sections)
Output format
SmartOS logo
[printable version]

GETPFLAGS(2)							  GETPFLAGS(2)

NAME
       getpflags, setpflags - get or set process flags

SYNOPSIS
       #include <sys/types.h>
       #include <priv.h>

       uint_t getpflags(uint_t flag);

       int setpflags(uint_t flag, uint_t value);

DESCRIPTION
       The getpflags() and setpflags() functions obtain and modify the current
       per-process flags.

       The following values for flag are supported:

       PRIV_AWARE

	   This one bit flag takes the value of 0 (unset) or 1 (set).  Only if
	   this	 flag is set is the current process privilege-aware. A process
	   can attempt to unset this flag  but	might  fail  silently  if  the
	   observed  set invariance condition cannot be met. Setting this flag
	   is always successful. See privileges(5) for a  discussion  of  this
	   flag.

       PRIV_AWARE_RESET

	   This	 one  bit  flag	 takes the value of 0 (unset) or 1 (set). This
	   causes a process to pretend it is non- privilege aware. The	effec‐
	   tive and permitted privilege set change on the change of the effec‐
	   tive uid. When all the uid sets become the same through setuid(uid)
	   or  through setreuid(uid, uid), the effective and permitted set are
	   set to the intersection between the limit set and  the  inheritable
	   set. At that point, both PRIV_AWARE and PRIV_AWARE_RESET are unset.

	   This	 flag  gets  automatically reset when a file becomes privilege
	   aware, either through calling setppriv(2) or by setting  PRIV_AWARE
	   to 1.

       PRIV_DEBUG

	   This one bit flag takes the value of 0 (unset) or 1 (set).  Only if
	   this flag is set does the current process have privilege  debugging
	   enabled. Processes can set and unset this flag at will.

       NET_MAC_AWARE
       NET_MAC_AWARE_INHERIT

	   These  flags	 are  available	 only if the system is configured with
	   Trusted Extensions. These one bit flags each take the  value	 of  0
	   (unset)  or 1 (set). If the NET_MAC_AWARE flag is set then the cur‐
	   rent process is allowed to communicate with peers  at  labels  that
	   are different than its own, subject to MAC policy.

	   The	NET_MAC_AWARE_INHERIT  flag  controls  the  propagation of the
	   NET_MAC_AWARE flag. When a process  performs	 one  of  the  exec(2)
	   functions,	the   NET_MAC_AWARE   flag   is	  unset	  unless   the
	   NET_MAC_AWARE_INHERIT is set. NET_MAC_AWARE_INHERIT is always unset
	   on  one  of the exec functions. The PRIV_NET_MAC_AWARE privilege is
	   required to set either of these flags.

RETURN VALUES
       The getpflags() returns the value associated with a  given  per-process
       flag. If the flag argument is invalid, (uint_t)-1 is returned and errno
       is set to indicate the error.

       Upon successful completion, setpflags() returns	0.  Otherwise,	-1  is
       returned and errno is set to indicate the error.

ERRORS
       The getpflags() and setpflags() functions will fail if:

       EINVAL
		 The  value  of	 flag or the value to which the flag is set is
		 out of range.

       The setpflags() function will fail if:

       EPERM
		An attempt was made to unset PRIV_AWARE but the	 observed  set
		invariance condition was not met.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌────────────────────┬───────────────────┐
       │  ATTRIBUTE TYPE    │  ATTRIBUTE VALUE	│
       ├────────────────────┼───────────────────┤
       │Interface Stability │ Committed		│
       ├────────────────────┼───────────────────┤
       │MT-Level	    │ Async-Signal-Safe │
       └────────────────────┴───────────────────┘

SEE ALSO
       ppriv(1), setppriv(2), attributes(5), privileges(5)

				  Jun 4, 2009			  GETPFLAGS(2)
[top]

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net