2004-11-03 13:51:07 +00:00
|
|
|
.\" Hey Emacs! This file is -*- nroff -*- source.
|
|
|
|
.\"
|
|
|
|
.\" Copyright (C) 1997 Andries Brouwer (aeb@cwi.nl)
|
|
|
|
.\"
|
|
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
|
|
.\" preserved on all copies.
|
|
|
|
.\"
|
|
|
|
.\" Permission is granted to copy and distribute modified versions of this
|
|
|
|
.\" manual under the conditions for verbatim copying, provided that the
|
|
|
|
.\" entire resulting derived work is distributed under the terms of a
|
|
|
|
.\" permission notice identical to this one.
|
2007-04-12 22:42:49 +00:00
|
|
|
.\"
|
2004-11-03 13:51:07 +00:00
|
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume no
|
|
|
|
.\" responsibility for errors or omissions, or for damages resulting from
|
|
|
|
.\" the use of the information contained herein. The author(s) may not
|
|
|
|
.\" have taken the same level of care in the production of this manual,
|
|
|
|
.\" which is licensed free of charge, as they might when working
|
|
|
|
.\" professionally.
|
2007-04-12 22:42:49 +00:00
|
|
|
.\"
|
2004-11-03 13:51:07 +00:00
|
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
|
|
|
.\"
|
2007-09-20 06:52:22 +00:00
|
|
|
.\" Modified, 2003-05-26, Michael Kerrisk, <mtk.manpages@gmail.com>
|
2010-11-22 07:38:12 +00:00
|
|
|
.TH SETRESUID 2 2010-11-22 "Linux" "Linux Programmer's Manual"
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NAME
|
|
|
|
setresuid, setresgid \- set real, effective and saved user or group ID
|
|
|
|
.SH SYNOPSIS
|
getresuid.2, mremap.2, poll.2, remap_file_pages.2, setresuid.2, splice.2, sync_file_range.2, syscall.2, tee.2, vmsplice.2, INFINITY.3, aio_init.3, asprintf.3, assert_perror.3, basename.3, bsd_signal.3, canonicalize_file_name.3, clog10.3, crypt.3, dl_iterate_phdr.3, dlopen.3, encrypt.3, exp10.3, fcloseall.3, fenv.3, fopencookie.3, ftw.3, getaddrinfo_a.3, getloadavg.3, getutent.3, grantpt.3, hsearch.3, lseek64.3, memmem.3, mempcpy.3, pow10.3, program_invocation_name.3, ptsname.3, putgrent.3, sched_getcpu.3, sincos.3, strchr.3, strfry.3, strnlen.3, strptime.3, strstr.3, strverscmp.3, swab.3, sysv_signal.3, tsearch.3, unlockpt.3, wcwidth.3: Add reference to feature_test_macros(7)
Some pages simply list feature test macro requirements in
the form:
#define #GNU_SOURCE
#include <someheader.h>
For these pages, add a "See feature_test_macros(7)" comment
on the "#define" line.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-10-31 04:31:47 +00:00
|
|
|
.BR "#define _GNU_SOURCE" " /* See feature_test_macros(7) */"
|
2004-11-03 13:51:07 +00:00
|
|
|
.br
|
|
|
|
.B #include <unistd.h>
|
|
|
|
.sp
|
|
|
|
.BI "int setresuid(uid_t " ruid ", uid_t " euid ", uid_t " suid );
|
|
|
|
.br
|
2007-04-12 22:42:49 +00:00
|
|
|
.BI "int setresgid(gid_t " rgid ", gid_t " egid ", gid_t " sgid );
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH DESCRIPTION
|
2005-10-19 06:54:38 +00:00
|
|
|
.BR setresuid ()
|
2005-07-18 16:55:22 +00:00
|
|
|
sets the real user ID, the effective user ID, and the
|
2007-12-27 16:06:35 +00:00
|
|
|
saved set-user-ID of the calling process.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
2005-07-18 16:55:22 +00:00
|
|
|
Unprivileged user processes
|
|
|
|
may change the real UID,
|
|
|
|
effective UID, and saved set-user-ID, each to one of:
|
2007-04-12 22:42:49 +00:00
|
|
|
the current real UID, the current effective UID or the
|
2005-07-18 16:55:22 +00:00
|
|
|
current saved set-user-ID.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
2007-06-20 22:15:34 +00:00
|
|
|
Privileged processes (on Linux, those having the \fBCAP_SETUID\fP capability)
|
2007-04-12 22:42:49 +00:00
|
|
|
may set the real UID, effective UID, and
|
2005-07-18 16:55:22 +00:00
|
|
|
saved set-user-ID to arbitrary values.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
2008-07-10 20:53:08 +00:00
|
|
|
If one of the arguments equals \-1, the corresponding value is not changed.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
2005-10-28 16:57:37 +00:00
|
|
|
Regardless of what changes are made to the real UID, effective UID,
|
2007-04-12 22:42:49 +00:00
|
|
|
and saved set-user-ID, the file system UID is always set to the same
|
2005-10-28 16:57:37 +00:00
|
|
|
value as the (possibly new) effective UID.
|
|
|
|
|
2004-11-03 13:51:07 +00:00
|
|
|
Completely analogously,
|
2005-10-19 06:54:38 +00:00
|
|
|
.BR setresgid ()
|
2007-04-12 22:42:49 +00:00
|
|
|
sets the real GID, effective GID, and saved set-group-ID
|
2007-12-27 16:06:35 +00:00
|
|
|
of the calling process (and always modifies the file system GID
|
2005-10-28 16:57:37 +00:00
|
|
|
to be the same as the effective GID),
|
2010-01-16 17:29:41 +00:00
|
|
|
with the same restrictions for unprivileged processes.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH "RETURN VALUE"
|
2007-04-12 22:42:49 +00:00
|
|
|
On success, zero is returned.
|
|
|
|
On error, \-1 is returned, and
|
2004-11-03 13:51:07 +00:00
|
|
|
.I errno
|
|
|
|
is set appropriately.
|
|
|
|
.SH ERRORS
|
|
|
|
.TP
|
|
|
|
.B EAGAIN
|
|
|
|
.I uid
|
2005-07-18 16:55:22 +00:00
|
|
|
does not match the current UID and this call would
|
2007-06-22 19:42:52 +00:00
|
|
|
bring that user ID over its
|
2007-09-20 16:26:31 +00:00
|
|
|
.B RLIMIT_NPROC
|
2007-06-22 19:42:52 +00:00
|
|
|
resource limit.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B EPERM
|
2007-06-20 22:15:34 +00:00
|
|
|
The calling process is not privileged (did not have the \fBCAP_SETUID\fP
|
2004-12-13 08:58:09 +00:00
|
|
|
capability) and tried to change the IDs to values that are not permitted.
|
2007-05-18 16:06:42 +00:00
|
|
|
.SH VERSIONS
|
|
|
|
These calls are available under Linux since Linux 2.1.44.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH "CONFORMING TO"
|
accept.2, execve.2, futimesat.2, getresuid.2, getrlimit.2, madvise.2, mq_getsetattr.2, msgctl.2, nice.2, open.2, poll.2, setresuid.2, shmctl.2, sigaction.2, times.2, utimensat.2, __setfpucw.3, atoi.3, endian.3, err.3, euidaccess.3, fenv.3, fopencookie.3, fpurge.3, getgrouplist.3, getutmp.3, j0.3, lgamma.3, netlink.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_cleanup_push_defer_np.3, pthread_getattr_np.3, pthread_kill_other_threads_np.3, pthread_setaffinity_np.3, pthread_tryjoin_np.3, pthread_yield.3, random_r.3, readdir.3, rtnetlink.3, scanf.3, setenv.3, significand.3, sigsetops.3, strerror.3, strstr.3, sysv_signal.3, termios.3, timegm.3, unlocked_stdio.3, y0.3, locale.5, bootparam.7, feature_test_macros.7, ip.7, locale.7, pthreads.7, rtld-audit.7, nscd.8: Global fix: s/non-standard/nonstandard/
The tendency in English, as prescribed in style guides like
Chicago MoS, is towards removing hyphens after prefixes
like "non-" etc.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-01-16 16:37:52 +00:00
|
|
|
These calls are nonstandard;
|
2006-08-03 13:57:17 +00:00
|
|
|
they also appear on HP-UX and some of the BSDs.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NOTES
|
2010-11-22 07:38:12 +00:00
|
|
|
Under HP-UX and FreeBSD, the prototype is found in
|
2004-11-03 13:51:07 +00:00
|
|
|
.IR <unistd.h> .
|
2007-07-08 12:11:40 +00:00
|
|
|
Under Linux the prototype is provided by glibc since version 2.3.2.
|
2010-11-22 07:50:57 +00:00
|
|
|
|
|
|
|
The original Linux
|
|
|
|
.BR setresuid ()
|
|
|
|
and
|
|
|
|
.BR setresgid ()
|
|
|
|
system calls supported only 16-bit user and group IDs.
|
2010-12-03 07:01:44 +00:00
|
|
|
Subsequently, Linux 2.4 added
|
2010-11-22 07:50:57 +00:00
|
|
|
.BR setresuid32 ()
|
|
|
|
and
|
|
|
|
.BR setresgid32 (),
|
|
|
|
supporting 32-bit IDs.
|
|
|
|
The glibc
|
|
|
|
.BR setresuid ()
|
|
|
|
and
|
|
|
|
.BR setresgid ()
|
|
|
|
wrapper functions transparently deal with the variations across kernel versions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH "SEE ALSO"
|
|
|
|
.BR getresuid (2),
|
|
|
|
.BR getuid (2),
|
2005-10-28 16:57:37 +00:00
|
|
|
.BR setfsgid (2),
|
2008-07-14 15:52:21 +00:00
|
|
|
.BR setfsuid (2),
|
2004-11-03 13:51:07 +00:00
|
|
|
.BR setreuid (2),
|
|
|
|
.BR setuid (2),
|
2007-01-28 20:00:24 +00:00
|
|
|
.BR capabilities (7),
|
getresuid.2, intro.2, mremap.2, open.2, poll.2, posix_fadvise.2, pread.2, remap_file_pages.2, setresuid.2, signal.2, splice.2, sync_file_range.2, tee.2, vmsplice.2, INFINITY.3, asprintf.3, assert_perror.3, basename.3, bsd_signal.3, canonicalize_file_name.3, clog10.3, crypt.3, dl_iterate_phdr.3, dlopen.3, dprintf.3, encrypt.3, exp10.3, fcloseall.3, fenv.3, ffs.3, fmemopen.3, fopencookie.3, ftw.3, getdate.3, getline.3, getloadavg.3, getopt.3, getsubopt.3, getutent.3, grantpt.3, hsearch.3, intro.3, lseek64.3, memmem.3, mempcpy.3, mq_receive.3, mq_send.3, posix_fallocate.3, pow10.3, program_invocation_name.3, ptsname.3, putgrent.3, readdir.3, sigset.3, sincos.3, stpcpy.3, stpncpy.3, strchr.3, strfry.3, strnlen.3, strptime.3, strsignal.3, strstr.3, strverscmp.3, swab.3, sysv_signal.3, tsearch.3, unlocked_stdio.3, unlockpt.3, wcpcpy.3, wcpncpy.3, wcsdup.3, wcwidth.3: SEE ALSO: Remove redundant reference to feature_test_macros(7)
Reported-by: Florian Lehmann <flo.lehmann@googlemail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-10-31 05:05:22 +00:00
|
|
|
.BR credentials (7)
|