mirror of https://github.com/mkerrisk/man-pages
131 lines
4.5 KiB
Groff
131 lines
4.5 KiB
Groff
.\" Copyright (C) 1995, Thomas K. Dyas <tdyas@eden.rutgers.edu>
|
|
.\"
|
|
.\" %%%LICENSE_START(VERBATIM)
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
.\" preserved on all copies.
|
|
.\"
|
|
.\" Permission is granted to copy and distribute modified versions of this
|
|
.\" manual under the conditions for verbatim copying, provided that the
|
|
.\" entire resulting derived work is distributed under the terms of a
|
|
.\" permission notice identical to this one.
|
|
.\"
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume no
|
|
.\" responsibility for errors or omissions, or for damages resulting from
|
|
.\" the use of the information contained herein. The author(s) may not
|
|
.\" have taken the same level of care in the production of this manual,
|
|
.\" which is licensed free of charge, as they might when working
|
|
.\" professionally.
|
|
.\"
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
|
.\" %%%LICENSE_END
|
|
.\"
|
|
.\" Created 1995-08-06 Thomas K. Dyas <tdyas@eden.rutgers.edu>
|
|
.\" Modified 2000-07-01 aeb
|
|
.\" Modified 2002-07-23 aeb
|
|
.\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com>
|
|
.\" Added notes on capability requirements
|
|
.\"
|
|
.TH SETFSGID 2 2016-07-17 "Linux" "Linux Programmer's Manual"
|
|
.SH NAME
|
|
setfsgid \- set group identity used for filesystem checks
|
|
.SH SYNOPSIS
|
|
.B #include <sys/fsuid.h>
|
|
.sp
|
|
.BI "int setfsgid(uid_t " fsgid );
|
|
.SH DESCRIPTION
|
|
The system call
|
|
.BR setfsgid ()
|
|
changes the value of the caller's filesystem group ID\(emthe
|
|
group ID that the Linux kernel uses to check for all accesses
|
|
to the filesystem.
|
|
Normally, the value of
|
|
the filesystem group ID
|
|
will shadow the value of the effective group ID.
|
|
In fact, whenever the
|
|
effective group ID is changed,
|
|
the filesystem group ID
|
|
will also be changed to the new value of the effective group ID.
|
|
|
|
Explicit calls to
|
|
.BR setfsuid (2)
|
|
and
|
|
.BR setfsgid ()
|
|
are usually used only by programs such as the Linux NFS server that
|
|
need to change what user and group ID is used for file access without a
|
|
corresponding change in the real and effective user and group IDs.
|
|
A change in the normal user IDs for a program such as the NFS server
|
|
is a security hole that can expose it to unwanted signals.
|
|
(But see below.)
|
|
|
|
.BR setfsgid ()
|
|
will succeed only if the caller is the superuser or if
|
|
.I fsgid
|
|
matches either the caller's real group ID, effective group ID,
|
|
saved set-group-ID, or current the filesystem user ID.
|
|
.SH RETURN VALUE
|
|
On both success and failure,
|
|
this call returns the previous filesystem group ID of the caller.
|
|
.SH VERSIONS
|
|
This system call is present in Linux since version 1.2.
|
|
.\" This system call is present since Linux 1.1.44
|
|
.\" and in libc since libc 4.7.6.
|
|
.SH CONFORMING TO
|
|
.BR setfsgid ()
|
|
is Linux-specific and should not be used in programs intended
|
|
to be portable.
|
|
.SH NOTES
|
|
Note that at the time this system call was introduced, a process
|
|
could send a signal to a process with the same effective user ID.
|
|
Today signal permission handling is slightly different.
|
|
See
|
|
.BR setfsuid (2)
|
|
for a discussion of why the use of both
|
|
.BR setfsuid (2)
|
|
and
|
|
.BR setfsgid ()
|
|
is nowadays unneeded.
|
|
|
|
The original Linux
|
|
.BR setfsgid ()
|
|
system call supported only 16-bit group IDs.
|
|
Subsequently, Linux 2.4 added
|
|
.BR setfsgid32 ()
|
|
supporting 32-bit IDs.
|
|
The glibc
|
|
.BR setfsgid ()
|
|
wrapper function transparently deals with the variation across kernel versions.
|
|
.SS C library/kernel differences
|
|
In glibc 2.15 and earlier,
|
|
when the wrapper for this system call determines that the argument can't be
|
|
passed to the kernel without integer truncation (because the kernel
|
|
is old and does not support 32-bit group IDs),
|
|
they will return \-1 and set \fIerrno\fP to
|
|
.B EINVAL
|
|
without attempting
|
|
the system call.
|
|
.SH BUGS
|
|
No error indications of any kind are returned to the caller,
|
|
and the fact that both successful and unsuccessful calls return
|
|
the same value makes it impossible to directly determine
|
|
whether the call succeeded or failed.
|
|
Instead, the caller must resort to looking at the return value
|
|
from a further call such as
|
|
.IR setfsgid(\-1)
|
|
(which will always fail), in order to determine if a preceding call to
|
|
.BR setfsgid ()
|
|
changed the filesystem group ID.
|
|
At the very
|
|
least,
|
|
.B EPERM
|
|
should be returned when the call fails (because the caller lacks the
|
|
.B CAP_SETGID
|
|
capability).
|
|
.SH SEE ALSO
|
|
.BR kill (2),
|
|
.BR setfsuid (2),
|
|
.BR capabilities (7),
|
|
.BR credentials (7)
|