2004-11-03 13:51:07 +00:00
|
|
|
.\" Copyright (c) 1983, 1991 The Regents of the University of California.
|
|
|
|
.\" All rights reserved.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
|
|
.\" must display the following acknowledgement:
|
|
|
|
.\" This product includes software developed by the University of
|
|
|
|
.\" California, Berkeley and its contributors.
|
|
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
|
|
.\" may be used to endorse or promote products derived from this software
|
|
|
|
.\" without specific prior written permission.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
.\" SUCH DAMAGE.
|
|
|
|
.\"
|
|
|
|
.\" @(#)setregid.2 6.4 (Berkeley) 3/10/91
|
|
|
|
.\"
|
|
|
|
.\" Modified Sat Jul 24 09:08:49 1993 by Rik Faith <faith@cs.unc.edu>
|
|
|
|
.\" Portions extracted from linux/kernel/sys.c:
|
|
|
|
.\" Copyright (C) 1991, 1992 Linus Torvalds
|
|
|
|
.\" May be distributed under the GNU General Public License
|
|
|
|
.\" Changes: 1994-07-29 by Wilf <G.Wilford@ee.surrey.ac.uk>
|
|
|
|
.\" 1994-08-02 by Wilf due to change in kernel.
|
|
|
|
.\" 2004-07-04 by aeb
|
|
|
|
.\" 2004-05-27 by Michael Kerrisk
|
|
|
|
.\"
|
_exit.2, brk.2, capget.2, chdir.2, chmod.2, chown.2, chroot.2, getdtablesize.2, gethostname.2, getpagesize.2, getsid.2, killpg.2, mknod.2, mknodat.2, poll.2, posix_fadvise.2, pread.2, readlink.2, setpgid.2, setreuid.2, sigaltstack.2, stat.2, symlink.2, sync.2, truncate.2, vfork.2, wait.2, wait4.2, a64l.3, abs.3, acos.3, acosh.3, asin.3, asinh.3, atan.3, atan2.3, atoi.3, cbrt.3, ceil.3, copysign.3, cosh.3, dirfd.3, div.3, ecvt.3, erf.3, erfc.3, exp.3, exp2.3, fabs.3, fdim.3, ffs.3, floor.3, fma.3, fmax.3, fmin.3, fmod.3, fpclassify.3, frexp.3, ftw.3, fwide.3, gcvt.3, getcwd.3, getdate.3, getgrent.3, gethostid.3, getpass.3, getpwent.3, getsubopt.3, getw.3, hypot.3, ilogb.3, index.3, isalpha.3, isgreater.3, iswblank.3, j0.3, ldexp.3, lockf.3, log.3, log10.3, log1p.3, logb.3, lrint.3, lround.3, mkstemp.3, mktemp.3, modf.3, mq_receive.3, mq_send.3, nan.3, nextafter.3, posix_fallocate.3, posix_memalign.3, printf.3, qecvt.3, random.3, realpath.3, remainder.3, remquo.3, rint.3, round.3, scalb.3, scalbln.3, scanf.3, siginterrupt.3, signbit.3, sigset.3, sinh.3, sqrt.3, strcasecmp.3, strcat.3, strchr.3, strcmp.3, strcoll.3, strcpy.3, strfry.3, strpbrk.3, strsep.3, strspn.3, strstr.3, strtod.3, strtok.3, strtol.3, strtoul.3, strxfrm.3, tanh.3, tgamma.3, trunc.3, ttyslot.3, ualarm.3, usleep.3, wprintf.3, armscii-8.7, cp1251.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-3.7, iso_8859-5.7, iso_8859-6.7, iso_8859-8.7, koi8-u.7: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-09-19 17:19:13 +00:00
|
|
|
.TH SETREUID 2 2010-09-20 "Linux" "Linux Programmer's Manual"
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NAME
|
|
|
|
setreuid, setregid \- set real and/or effective user or group ID
|
|
|
|
.SH SYNOPSIS
|
|
|
|
.B #include <sys/types.h>
|
|
|
|
.br
|
|
|
|
.B #include <unistd.h>
|
|
|
|
.sp
|
|
|
|
.BI "int setreuid(uid_t " ruid ", uid_t " euid );
|
|
|
|
.br
|
|
|
|
.BI "int setregid(gid_t " rgid ", gid_t " egid );
|
2007-07-08 12:11:40 +00:00
|
|
|
.sp
|
|
|
|
.in -4n
|
|
|
|
Feature Test Macro Requirements for glibc (see
|
|
|
|
.BR feature_test_macros (7)):
|
|
|
|
.in
|
|
|
|
.sp
|
|
|
|
.BR setreuid (),
|
|
|
|
.BR setregid ():
|
2010-09-18 08:49:52 +00:00
|
|
|
.RS 4
|
|
|
|
.ad l
|
|
|
|
_BSD_SOURCE || _XOPEN_SOURCE\ >=\ 500 ||
|
|
|
|
_XOPEN_SOURCE\ &&\ _XOPEN_SOURCE_EXTENDED
|
|
|
|
.ad
|
|
|
|
.RE
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH DESCRIPTION
|
2005-10-19 06:54:38 +00:00
|
|
|
.BR setreuid ()
|
2007-12-27 16:06:35 +00:00
|
|
|
sets real and effective user IDs of the calling process.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
|
|
|
Supplying a value of \-1 for either the real or effective user ID forces
|
|
|
|
the system to leave that ID unchanged.
|
|
|
|
|
|
|
|
Unprivileged processes may only set the effective user ID to the real user ID,
|
2009-10-17 05:35:40 +00:00
|
|
|
the effective user ID, or the saved set-user-ID.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
2009-10-17 05:35:40 +00:00
|
|
|
Unprivileged users may only set the real user ID to
|
2004-11-03 13:51:07 +00:00
|
|
|
the real user ID or the effective user ID.
|
|
|
|
|
2009-10-17 05:35:40 +00:00
|
|
|
If the real user ID is set or the effective user ID is set to a value
|
2005-07-18 16:55:22 +00:00
|
|
|
not equal to the previous real user ID,
|
|
|
|
the saved set-user-ID will be set to the new effective user ID.
|
2004-11-03 13:51:07 +00:00
|
|
|
|
|
|
|
Completely analogously,
|
2005-10-19 06:54:38 +00:00
|
|
|
.BR setregid ()
|
2007-12-27 16:06:35 +00:00
|
|
|
sets real and effective group ID's of the calling process,
|
2004-11-03 13:51:07 +00:00
|
|
|
and all of the above holds with "group" instead of "user".
|
|
|
|
.SH "RETURN VALUE"
|
2007-04-12 22:42:49 +00:00
|
|
|
On success, zero is returned.
|
|
|
|
On error, \-1 is returned, and
|
2004-11-03 13:51:07 +00:00
|
|
|
.I errno
|
|
|
|
is set appropriately.
|
|
|
|
.SH ERRORS
|
|
|
|
.TP
|
|
|
|
.B EPERM
|
2007-12-27 16:06:35 +00:00
|
|
|
The calling process is not privileged
|
2004-11-03 13:51:07 +00:00
|
|
|
(Linux: does not have the
|
|
|
|
.B CAP_SETUID
|
|
|
|
capability in the case of
|
2007-04-12 22:42:49 +00:00
|
|
|
.BR setreuid (),
|
|
|
|
or the
|
2004-11-03 13:51:07 +00:00
|
|
|
.B CAP_SETGID
|
|
|
|
capability in the case of
|
|
|
|
.BR setregid ())
|
|
|
|
and a change other than (i)
|
|
|
|
swapping the effective user (group) ID with the real user (group) ID,
|
|
|
|
or (ii) setting one to the value of the other or (iii) setting the
|
2005-07-18 16:55:22 +00:00
|
|
|
effective user (group) ID to the value of the
|
|
|
|
saved set-user-ID (saved set-group-ID) was specified.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH "CONFORMING TO"
|
2006-08-03 13:57:17 +00:00
|
|
|
POSIX.1-2001, 4.3BSD (the
|
2005-10-19 06:54:38 +00:00
|
|
|
.BR setreuid ()
|
2004-11-03 13:51:07 +00:00
|
|
|
and
|
2005-10-19 06:54:38 +00:00
|
|
|
.BR setregid ()
|
2004-11-03 13:51:07 +00:00
|
|
|
function calls first appeared in 4.2BSD).
|
2007-05-18 16:06:42 +00:00
|
|
|
.SH NOTES
|
|
|
|
Setting the effective user (group) ID to the
|
|
|
|
saved set-user-ID (saved set-group-ID) is
|
|
|
|
possible since Linux 1.1.37 (1.1.38).
|
2009-10-17 05:35:40 +00:00
|
|
|
|
|
|
|
POSIX.1 does not specify all of possible ID changes that are permitted
|
|
|
|
on Linux for an unprivileged process.
|
|
|
|
For
|
|
|
|
.BR setreuid (),
|
2010-02-26 04:45:27 +00:00
|
|
|
the effective user ID can be made the same as the
|
2009-10-17 05:35:40 +00:00
|
|
|
real user ID or the save set-user-ID,
|
|
|
|
and it is unspecified whether unprivileged processes may set the
|
|
|
|
real user ID to the real user ID, the effective user ID, or the
|
|
|
|
saved set-user-ID.
|
|
|
|
For
|
|
|
|
.BR setregid (),
|
|
|
|
the real group ID can be changed to the value of the saved set-group-ID,
|
|
|
|
and the effective group ID can be changed to the value of
|
|
|
|
the real group ID or the saved set-group-ID.
|
|
|
|
The precise details of what ID changes are permitted vary
|
|
|
|
across implementations.
|
|
|
|
|
|
|
|
POSIX.1 makes no specification about the effect of these calls
|
|
|
|
on the saved set-user-ID and saved set-group-ID.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH "SEE ALSO"
|
|
|
|
.BR getgid (2),
|
|
|
|
.BR getuid (2),
|
|
|
|
.BR seteuid (2),
|
|
|
|
.BR setgid (2),
|
|
|
|
.BR setresuid (2),
|
|
|
|
.BR setuid (2),
|
|
|
|
.BR capabilities (7)
|