HPUX setprivgrp[1m]
setprivgrp in anderen Kapiteln des hpux Handbuch:
setprivgrp.2
setprivgrp(1M) setprivgrp(1M)
NAME
setprivgrp - set special attributes for group
SYNOPSIS
setprivgrp group_name [privileges]
setprivgrp -g [privileges]
setprivgrp -n [privileges]
setprivgrp -f file
DESCRIPTION
setprivgrp associates a group with a system capability, thus providing
a means for providing access to certain super-user-like privileges to
members of a particular group or groups. The command can take one of
four forms as shown above.
Options
If no option is specified (first form), group_name is given access to
the specified privileges.
The following options (remaining three forms) grant privileges to all
groups or no groups, or obtain privilege information from a specified
file:
-g All groups have access to the specified privileges.
-n No groups have access to the specifed privileges.
-f Privileges are granted as specified in the file
identified by file which is usually /etc/privgroup.
Privileged Capabilities
System capabilities that can be granted to privileged groups by the
setprivgrp command are:
RTPRIO Can use rtprio() for setting real-time priorities
(see rtprio(2).
MLOCK Can use plock() for locking process text and data
into memory, and the shmctl() SHM_LOCK function to
lock shared memory segments (see plock(2) and
shmctl(2).
CHOWN Can use chown() to change file ownerships (see
chown(2).
LOCKRDONLY Can use lockf() to set locks on files that are
open for reading only (see lockf(2).
SETRUGID Can use setuid() and setgid() to change,
respectively, the real user ID or real group ID of
a process (see setuid(2) and setgid(2).
Hewlett-Packard Company - 1 - HP-UX Release 9.0: August 1992
setprivgrp(1M) setprivgrp(1M)
If privileges is absent in the command line (or in file if the -f
option is specified), any currently assigned privileges are removed
for the corresponding group or groups. Note that capabilities set by
this command are not added to existing capabilities for the same
group. To add a capability for a particular group, you must respecify
all capabilities that were already set for that group, as well as the
new capability.
Group Privileges File Format
The file specifed with the -f option should contain one or more lines
in the following format:
group_name [privileges]
-g [privileges]
-n [privileges]
ERRORS
setprivgrp returns 1 if the user is not super-user, and 2 if there is
not enough table space to hold a new privileged group assignment.
WARNINGS
In the HP Clustered environment, group privileges apply only the the
cluster node on which they are set. For example, to grant the RTPRIO
privilege to members of group project ln cluster clients client1 and
client2, run the setprivgrp command twice, once on client1 and again
on client2. The CHOWN privilege is different: if a group has CHOWN
privilege on the cluster server, it will have the privilege on all
cluster clients as well.
Only users with appropriate privileges can use the setprivgrp command.
AUTHOR
setprivgrp was developed by HP.
FILES
/etc/privgroup
/etc/group
SEE ALSO
getprivgrp(1), chown(2), getprivgrp(2), lockf(2), plock(2), rtprio(2),
setuid(2), shmctl(2), privgrp(4), privilege(5).
Hewlett-Packard Company - 2 - HP-UX Release 9.0: August 1992