Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ privilege(5) — UnixWare 2.01

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

filepriv(2)

priv(4)

procpriv(2)






       privilege(5)                                            privilege(5)


       NAME
             privilege - include file for privilege mechanism definitions

       SYNOPSIS
             #include <sys/privilege.h>

       DESCRIPTION
             This header file is used by all privilege mechanisms.  All
             privileges are defined here, as well as certain operations
             that are necessary to manipulate privileges.

             At user level, each privilege attached to a file or process is
             defined as a 32 bit quantity called a privilege descriptor.
             The most significant eight bits contain a mask value for the
             known privilege sets: fixed, inheritable, maximum and working.
             The remaining twenty-four bits contains a value for the actual
             privilege.

             In the kernel, privileges are maintained as bit vectors in the
             credentials structure, with the state of the corresponding bit
             denoting whether a particular privilege is set or clear.  Each
             privilege set in the credentials structure has its own bit
             vector.

             Several macros exist to manipulate privilege descriptors and
             convert between the user level descriptors and the kernel
             level bit vectors.  In the examples below, p denotes a
             privilege descriptor, v denotes a privilege bit vector, and a
             and b denotes a credential structure.

                   pm_allon                Returns a value equivalent to a
                                           privilege vector with all bits
                                           turned on.  Used for pm_setbits

                   pm_pos(p)               Given a privilege descriptor p,
                                           return the privilege part only.

                   pm_type(p)              Given a privilege descriptor p,
                                           return the type of privilege set
                                           only.

                   pm_pridc(p)             Given a privilege descriptor p,
                                           return the type of privilege set
                                           as an ASCII character (F for
                                           fixed, I for inheritable, M for
                                           maximum, and W for working).


                           Copyright 1994 Novell, Inc.               Page 1













      privilege(5)                                            privilege(5)


                  pm_privbit(p)           Given a privilege descriptor p
                                          containing only the privilege
                                          number, return a bit vector with
                                          the bit for this privilege
                                          turned on.

                  pm_pridt(p)             Given an ASCII character stored
                                          in p, return a privilege
                                          descriptor containing the type
                                          of privilege set corresponding
                                          to that character.  Valid values
                                          are F for fixed privilege set, I
                                          for inheritable set, M for
                                          maximum set, and W for working
                                          set.

                  pm_invalid(p)           Check the supplied privilege
                                          descriptor, p returning 0 if
                                          valid, and 1 if not.

                  pm_setbits(p,v)         Given a privilege descriptor p
                                          and a bit vector v, turn on the
                                          bit in the bit vector
                                          corresponding to the privilege
                                          supplied in the descriptor.  Use
                                          pm_allon to set all bits if the
                                          descriptor contains P_ALLPRIVS.

                  pm_privon(a,v)          Given a credential structure a
                                          and a bit vector v with the bit
                                          corresponding to the privilege
                                          of interest turned on, return 1
                                          if the privilege is on in the
                                          working privilege set of the
                                          credentials, and 0 if not.

                  pm_subset(a,b)          Given two credential structures
                                          a and b, determine if the
                                          maximum privilege set of the
                                          second is an improper subset of
                                          the maximum privilege set of the
                                          first.

                  pm_privileged(a)        Given a credential structure a,
                                          return 0 if the maximum
                                          privilege set is empty (the


                          Copyright 1994 Novell, Inc.               Page 2













       privilege(5)                                            privilege(5)


                                           process does not and can not
                                           have privilege), or non-zero
                                           otherwise.

       REFERENCES
             filepriv(2), priv(4), procpriv(2)










































                           Copyright 1994 Novell, Inc.               Page 3








Typewritten Software • bear@typewritten.org • Edmonds, WA 98026