Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ dg_set_trusted_device(2) — DG/UX R4.11MU05

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

secstat(1)

settdev(1M)



DG/UX B2 Security R4.12MU02                         dg_set_trusted_device(2)


NAME
       dgsettrusteddevice - set the trusted-device attribute of device
       files

SYNOPSIS
       #include <sys/dgtparms.h>

       int  dgsettrusteddevice (const char *path, int option);

   where:
       path   Address of the pathname of a device file

       option One of two options: DGTDEVON or DGTDEVOFF

DESCRIPTION
       Dgsettrusteddevice sets the trusted-device attribute of the device
       named by the pathname pointed to by path to option.  If path refers
       to a symbolic link, the option is set for the target of the symbolic
       link.

       A trusted device is one that either does its own MAC checking or is
       inherently trusted and need not perform any access control checks.
       The option DGTDEVON sets the attribute, causing the device to be
       treated as a trusted device, while DGTDEVOFF resets the attribute.

       The subject file must be of type `character-special-file', `block-
       special-file', or `streams-file'.

       If dgsettrusteddevice fails, the trusted-device attribute of the
       device is not changed.

ACCESS CONTROL
       The caller must have appropriate privilege.

       For systems supporting the DG/UX Capability Option, appropriate
       privilege is defined as having one or more specific capabilities
       enabled in the effective capability set of the calling process.  See
       capdefaults(5) for the default capability for this system call.  On
       systems without the DG/UX Capability Option, appropriate privilege
       means that the process has an effective UID of root. See the
       appropriateprivilege(5) man page for more information.

RETURN VALUE
       0      The dgsettrusteddevice operation was successful.

       -1     An error occurred.  errno is set to indicate the error.

DIAGNOSTICS
       Errno may be set to one of the following error codes:

       ENOSYS         The system is not configured for MAC.

       EPERM          The caller does not have sufficient privilege.

       EINVAL         The option option is not recognized.

       EOPNOTSUPP     The file the pathname resolved to does not support
                      this operation.

       ENOENT         The file the pathname resolved to does not exist.

       ENOENT         A nonterminal component of the pathname does not
                      exist.

       ENOTDIR        A nonterminal component of the pathname was not a
                      directory or symbolic link.

       ENAMETOOLONG   The pathname exceeds the length limit for pathnames.

       ENAMETOOLONG   A component of the pathname exceeds the length limit
                      for filenames.

       ENOMEM         There are not enough system resources to resolve the
                      pathname or to expand a symbolic link.

       ELOOP          The number of symbolic links encountered during
                      pathname resolution exceeded MAXSYMLINKS.  A symbolic
                      link cycle is suspected.

       EFAULT         The pathname does not completely reside in the
                      process's address space or the pathname does not
                      terminate in the process's address space.

       EBUSY          The file object named by path is currently in use by
                      another process.

SEE ALSO
       secstat(1), settdev(1M), dggetomac(2), dggetorange(2),
       dgsetomac(2), dgsetorange(2), capdefaults(5).


Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026