getgroups.2: Add discussion of NPTL credential-changing mechanism

At the kernel level, credentials (UIDs and GIDs) are a per-thread attribute. NPTL uses a signal-based mechanism to ensure that when one thread changes its credentials, all other threads change credentials to the same values. By this means, the NPTL implementation conforms to the POSIX requirement that the threads in a process share credentials. Reported-by: Shawn Landden <shawn@churchofgit.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-22 09:42:46 +01:00 · 2015-03-22 09:42:46 +01:00 · 405930725b
parent cb066271c9
commit 405930725b
1 changed files with 16 additions and 0 deletions
--- a/man2/getgroups.2
+++ b/man2/getgroups.2
@ -1,4 +1,5 @@
 .\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" and Copyright (C) 2008, 2010, 2015, Michael Kerrisk <mtk.manpages@gmail.com>
 .\"
 .\" %%%LICENSE_START(VERBATIM)
 .\" Permission is granted to make and distribute verbatim copies of this
@ -187,6 +188,21 @@ supporting 32-bit IDs.
 The glibc
 .BR getgroups ()
 wrapper function transparently deals with the variation across kernel versions.
+.\"
+.SS C library/kernel ABI differences
+At the kernel level, user IDs and group IDs are a per-thread attribute.
+However, POSIX requires that all threads in a process
+share the same credentials.
+The NPTL threading implementation handles the POSIX requirements by
+providing wrapper functions for
+the various system calls that change process UIDs and GIDs.
+These wrapper functions (including the one for
+.BR setgroups ())
+employ a signal-based technique to ensure
+that when one thread changes credentials,
+all of the other threads in the process also change their credentials.
+For details, see
+.BR nptl (7).
 .SH SEE ALSO
 .BR getgid (2),
 .BR setgid (2),