setppriv Subroutine
Purpose
Sets the privilege sets associated with a process.
Library
Standard C Library (libc.a)
Syntax
#include <sys/types.h>
#include <sys/priv.h>
int setppriv(pid, effective, maximum, inheritable,limiting)
pid_t pid;
privg_t * effective, maximum, inheritable, limiting;
Description
The setppriv subroutine sets the effective (EPS), maximum (MPS), inheritable (IPS) and limiting (LPS) privilege sets for the process as specified by the pid parameter. If the value of the pid parameter is negative, the privileges of the calling process are modified. The PV_PROC_PRIV privilege is needed in the effective set when a process wants to change the maximum or inheritable privilege set of any process or the effective privilege sets of another process. The calling process does not require a privilege to reduce its own maximum or inheritable privilege set or to modify its own effective privilege set. The limiting privilege acts as a ceiling for the maximum and inheritable privilege. The maximum privilege acts as a ceiling for the effective privilege. The effective privilege is the current privilege of the process per the pid parameter.
If the effective, maximum, inheritable or limiting privilege set has a value of null, the corresponding privilege set of the process remains unchanged. At least one of the effective, maximum, inheritable and limiting privilege sets must not have a value of null.
When the privilege of the process identified by the pid parameter is modified, the privilege sets of the process have the following proper relationship: the new effective privilege set of the process must be a subset of the new maximum privilege set of the process. Otherwise, the call fails.
Parameters
| Item | Description |
|---|---|
| pid | Indicates that the process for which the privilege set change is requested. |
| effective | Sets the effective privilege set, which is used to override system restrictions. |
| maximum | Sets the maximum privilege set over which a process has control. |
| inheritable | Sets the inheritable privilege set, which is passed to the EPS and MPS of a child process. |
| limiting | Sets the limiting privilege set, which is the maximum possible privilege set that the process can have. |
Return Values
| Item | Description |
|---|---|
| 0 | The subroutine ran successfully. |
| -1 | An error occurred. The errno global variable is set to indicate the error. |
Error Codes
| Item | Description |
|---|---|
| EFAULT | The effective, maximum, inheritable or limiting privilege set is an illegal address. |
| EINVAL | The value of the effective, maximum, inheritable, and limiting privilege set passed are all null. |
| EPERM | The calling process does not have the PV_PROC_PRIV or MAC write privilege (in Trusted AIX®) to modify a process privilege set. |
| ESRCH | No process has an ID equal to the value specified by the pid parameter. |