Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ setprivgrp(1M) — HP-UX 8.05

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

getprivgrp(1)

chown(2)

getprivgrp(2)

lockf(2)

plock(2)

rtprio(2)

setuid(2)

shmctl(2)

privgrp(4)

privilege(5)

setprivgrp(1M)

NAME

setprivgrp − set special attributes for group

SYNOPSIS

setprivgrp group_name [privileges]
setprivgrp −g [privileges]
setprivgrp −n [privileges]
setprivgrp −f file

DESCRIPTION

setprivgrp associates a group with a system capability, thus providing a means for providing access to certain super-user-like privileges to members of a particular group or groups.  The command can take one of four forms as shown above. 

Options

If no option is specified (first form), group_name is given access to the specified privileges.

The following options (remaining three forms) grant privileges to all groups or no groups, or obtain privilege information from a specified file:

−g All groups have access to the specified privileges.

−n No groups have access to the specifed privileges.

−f Privileges are granted as specified in the file identified by file which is usually /etc/privgroup. 

Privileged Capabilities

System capabilities that can be granted to privileged groups by the setprivgrp command are:

RTPRIO Can use rtprio(2) for setting real-time priorities.

MLOCK Can use plock(2) for locking process text and data into memory, and the shmctl(2) SHM_LOCK function to lock shared memory segments. 

CHOWN Can use chown(2) to change file ownerships.

LOCKRDONLY Can use lockf(2) to set locks on files that are open for reading only.

SETRUGID Can use setuid(2) and setgid(2) to change, respectively, the real user ID or real group ID of a process. 

If privileges is absent in the command line (or in file if the −f option is specified), any currently assigned privileges are removed for the corresponding group or groups.  Note that capabilities set by this command are not added to existing capabilities for the same group.  If you want to add a capability for a particular group, you must respecify all capabilities that were already set for that group as well as the new capability. 

Group Privileges File Format

The file specifed with the −f option should contain one or more lines in the following format:

group_name [privileges]
−g [privileges]
−n [privileges]

ERRORS

setprivgrp returns 1 if the user is not super-user, and 2 if there is not enough table space to hold a new privileged group assignment. 

WARNINGS

In the HP Clustered environment, privilege groups are maintained separately for each member of the cluster.  The CHOWN privilege from a cnode is determined by the privilege groups set up on the cluster server. 

Only users with appropriate privileges can use this command. 

AUTHOR

setprivgrp was developed by HP. 

FILES

/etc/privgroup
/etc/group

SEE ALSO

getprivgrp(1), chown(2), getprivgrp(2), lockf(2), plock(2), rtprio(2), setuid(2), shmctl(2), privgrp(4), privilege(5). 

Hewlett-Packard Company  —  HP-UX Release 8.05: June 1991

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026