Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > P


HP-UX 11i Version 3: February 2007

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index


privgrp() — format of privileged values


#include <sys/privgrp.h>


setprivgrp() sets a mask of privileges, and getprivgrp(2) returns an array of structures giving privileged group assignments on a per-group-ID basis (see getprivgrp(2)). setprivgrp() associates a kernel capability with a group ID. This allows subletting of superuser-like privileges to members of a particular group or groups. The constants and structures needed for these system calls are defined in <sys/privgrp.h>.

Privileges are as follows:


Allows access to the rtprio() system call (see rtprio(2)).


Allows access to the plock() system call (see plock(2)).


Allows access to the chown() system calls (see chown(2)).


Permits the use of the lockf() system call for setting locks on files open for reading only (see lockf(2)).


Permits the use of the setuid() and setgid() system calls for changing respectively the real user ID and real group ID of a process (see setuid(2)).


Permits the use of the mpctl() system call for changing processor binding, locality domain binding or launch policy of a process (see mpctl(2)).


Allows access to the sched_setparam() and sched_setscheduler() to set POSIX.4 realtime priorities (see rtsched(2)).


Permits the use of serialize() for forcing the target process to run serially with other processes that are also marked by this system call (see serialize(2)).


Permits certain administrative operations in the Instant Capacity (iCAP) product for deactivation and reactivation of processors. See that product's documentation for more information.


Permits certain administrative operations in Process Resource Manager (PRM) product. See that product's documentation for more information.


Allows change to the system pset configuration (see pset_create(2)).

Privileges are described in a multiword mask. The value of the #define for each privilege is interpreted as a bit index (counting from 1). Thus a group ID can have several different privileges associated with it by having different bits ORed into the mask.

The system is configured with a specified maximum number of groups with special privileges. PRIV_MAXGRPS defines this maximum. Of this maximum, one is reserved for global privileges (granted to all processes) and the remainder can be assigned to actual group IDs.

PRIV_MASKSIZ defines the size of the multiword mask used in defining privileges associated with a group ID.

Privileges are returned to the user from the getprivgrp() system call in an array of structures of type struct privgrp_map. The structure associates a multiword mask with a group ID. The privgrp_map structure contains the fields:

gid_t priv_groupno uint32_t priv_mask[PRIV_MASKSIZ]

where priv_groupno contains the group ID (see setprivgrp(2)), and priv_mask contains the privilege mask associated with priv_groupno.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.