Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > S


HP-UX 11i Version 3: February 2007

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index


setprivgrp — set special privileges for groups


setprivgrp groupname [privileges]

setprivgrp -g [privileges]

setprivgrp -n [privileges]

setprivgrp -f file


The setprivgrp command associates a group with a list of privileges, thus providing access to certain system capabilities for members of a particular group or groups. The privileges can be displayed with the getprivgrp command (see getprivgrp(1)).

Privileges can be granted to individual groups, as defined in the /etc/group file, and globally for all groups.

Only a superuser can use the setprivgrp command.

Options and Arguments

setprivgrp recognizes the following options and arguments:


One or more of the keywords described below in Privileged Capabilities.


The name of a group defined in the file named /etc/group. The current privileges for groupname, if any, are replaced by the specified privileges. To retain prior privileges, they must be respecified.


Specify global privileges that apply to all groups. The current privileges, if any, are replaced by the specified privileges, To retain prior privileges, they must be respecified.


If no privileges are specified, delete all privileges for all groups, including global privileges.

If one or more privileges are specified, delete the specified privileges from the current privilege lists of all groups, including the global privilege list, but do not delete unspecified privileges.

-f file

Set the privileges according to entries in the file file. This file is usually /etc/privgroup. The entry formats are described below in Group Privileges File Format.

Privileged Capabilities

The following system capabilities can be granted to groups:


Can use chown() to change file ownerships (see chown(2)).


Can use lockf() to set locks on files that are open for reading only (see lockf(2)).


Can use plock() to lock process text and data into memory, and the shmctl() SHM_LOCK function to lock shared memory segments (see plock(2) and shmctl(2)).


Can use rtprio() to set real-time priorities (see rtprio(2)).


Can use sched_setparam() and sched_setscheduler() to set POSIX.4 real-time priorities (see rtsched(2)).


Can use serialize() to force the target process to run serially with other processes that are also marked by this system call (see serialize(2)).


Can use setuid() and setgid() to change, respectively, the real user ID and real group ID of a process (see setuid(2) and setgid(2)).


Allows certain administrative operations in the Process Resource Manager (PRM) product. See that product's documentation for more information.


Allows certain administrative operations in the Instant Capacity (iCAP) product. See that product's documentation for more information.


Can change system pset configuration (see pset_create(2)).


Can use mpctl() to change processor binding, locality domain binding or launch policy of a process (see mpctl(2)).

Group Privileges File Format

The file specified with the -f option should contain one or more lines in the following formats:

  • groupname [privileges]

  • -g [privileges]

  • -n [privileges]

They are described above in "Options and Arguments".


setprivgrp exits with one of the following values:


Successful completion.




setprivgrp was developed by HP.




Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.