checkauths Subroutine

Purpose

Compares the passed-in list of authorizations to the authorizations associated with the current process.

Library

Security Library (libc.a)

Syntax

# include <usersec.h>

int checkauths(CommaListOfAuths, Flag)
    char *CommaListOfAuths;
    int Flag;

Description

The checkauths subroutine compares a comma-separated list of authorizations specified in the CommaListOfAuths parameter with the authorizations associated with the calling process. The Flag parameter specifies the type of checks the subroutine performs. If the Flag parameter specifies the CHECK_ANY value, and the calling process contains any of the authorizations specified in the CommaListOfAuths parameter, the subroutine returns the value of zero. If the Flag parameter specifies the CHECK_ALL value, and the calling process contains all of the authorizations that are specified in the CommaListOfAuths parameter, the subroutine returns the value of zero.

You can use the checkauths subroutine for both Enhanced and Legacy RBAC modes. The set of authorizations that are available to a process depends on the mode that the system is operating in. In Enhanced RBAC Mode, the set of authorizations comes from the current active role set of the process, while in Legacy RBAC Mode, the set of authorizations comes from all of the roles associated with the process owner.

Parameters

Return Values

If the process matches the required set of authorizations, the checkauths subroutine returns the value of zero. Otherwise, a value of -1 is returned and the errno value is set to indicate the error.

Error Codes

If the checkauths subroutine returns -1, one of the following errno values can be set: