Use the filepriv system call to set, retrieve, or count the privileges associated with a file (see filepriv(2)). An administrative command also provides these same basic functions (see filepriv(1M)).
The filepriv system call has three command types:
Some of the above command types require a list of privileges or return such a list. PUTPRV requires an array of privilege descriptors that lists the privileges to be set. A privilege descriptor is an integral data type that is assigned a value defining the privilege and the set it is in. Functions have been defined to make this task simpler. Use pm_fixed to indicate a fixed privilege and pm_inher to indicate an inheritable privilege. For example, pm_fixed(P_DACREAD) would indicate the P_DACREAD privilege in the fixed set. Similarly, pm_inher(P_MACREAD) would indicate the P_MACREAD privilege in the inheritable set.
``Setting file privileges'' shows a code fragment that sets file privileges. Some of the privilege sets indicated in this example may or may not exist or be valid for your particular system.
    #include <stdio.h>
    #include <stdlib.h>
    #include <priv.h>

    priv_t privd[3];

    /*
     * Set P_DACREAD and P_DACWRITE as inheritable and
     * P_SETUID as fixed for file /sbin/testprog.
     * This process must have P_SETFPRIV, P_DACREAD, P_DACWRITE, and
     * P_SETUID in its maximum set.
     */
    privd[0] = pm_inher(P_DACREAD);
    privd[1] = pm_inher(P_DACWRITE);
    privd[2] = pm_fixed(P_SETUID);

    if (filepriv("/sbin/testprog", PUTPRV, privd, 3) == -1) {
        /* Some error occurred, display the error and exit. */
        perror("filepriv PUTPRV error");
        exit(1);
    }

Setting file privileges
In this example, privileges are set for the executable file /sbin/testprog. pm_inher and pm_fixed assign values to the privilege descriptors: pm_inher marks P_DACREAD and P_DACWRITE as inheritable, while pm_fixed marks P_SETUID as fixed. The call to filepriv with PUTPRV sets the indicated privileges for the file. If an error occurs, perror is called to display an error message (see perror(3C)) and the program terminates.
Use the GETPRV command for the filepriv system call to determine the privileges associated with a file. This command also requires a pointer to an array of privilege descriptors. You must ensure that the array is large enough to contain all the privileges associated with the file.
``Retrieving file privileges'' shows a code fragment that will retrieve the privileges associated with a file.
    #include <stdio.h>
    #include <stdlib.h>
    #include <priv.h>

    priv_t *privp;
    int cnt;

    /*
     * Determine the number of privileges for /sbin/testprog.
     */
    if ((cnt = filepriv("/sbin/testprog", CNTPRV, (priv_t *)0, 0)) == -1) {
        /* filepriv failed; display error and exit. */
        perror("filepriv CNTPRV error");
        exit(1);
    }

    if (cnt > 0) {
        /*
         * malloc some memory and get the privileges.
         */
        if ((privp = (priv_t *)malloc(cnt * sizeof(priv_t))) == NULL) {
            exit(1);    /* Couldn't malloc so exit. */
        }
        if (filepriv("/sbin/testprog", GETPRV, privp, cnt) == -1) {
            /* filepriv failed; display error and exit. */
            perror("filepriv GETPRV error");
            exit(1);
        }
    }

Retrieving file privileges
In this example, the CNTPRV command is used to determine the number of privileges. This number is then used to determine the amount of memory to request when calling malloc for an array large enough to contain all the privileges (see malloc(3C)). filepriv is then called with the GETPRV command to retrieve the actual privileges.
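The count-then-fetch sequence above leaves a window between CNTPRV and GETPRV in which the file's privileges can be changed, so the array may no longer be large enough. The following is an added example, not part of the original documentation: a hypothetical helper, get_file_privs, that re-counts after fetching and retries. The priv_t type, the command values and fake_filepriv are stand-ins constructed here so the code runs without <priv.h>.

```c
#include <stdlib.h>
/* Stand-ins so this compiles without <priv.h>: the type and the command
 * values are assumptions, not the system's real definitions. */
typedef unsigned long priv_t;
enum { CNTPRV = 1, GETPRV = 2 };
typedef int (*filepriv_fn)(const char *, int, priv_t *, int);
/* Hypothetical helper: count, allocate, fetch, count again; retry if the list
 * changed. Returns the count with a malloc'd array in *out, or -1 on failure. */
int get_file_privs(filepriv_fn fp, const char *path, priv_t **out, int tries)
{
    *out = NULL;
    while (tries-- > 0) {
        int cnt = fp(path, CNTPRV, NULL, 0);
        if (cnt <= 0)
            return cnt;             /* -1 on error, 0 when there are none */
        priv_t *buf = malloc((size_t)cnt * sizeof(priv_t));
        if (buf == NULL)
            return -1;
        if (fp(path, GETPRV, buf, cnt) != -1 && fp(path, CNTPRV, NULL, 0) == cnt) {
            *out = buf;             /* list was stable across the fetch */
            return cnt;
        }
        free(buf);                  /* failed or changed underneath us: retry */
    }
    return -1;
}

/* Constructed stub in place of the system call: reports 2 privileges on its
 * first call and 3 afterwards, as if the file were changed in between. */
static int fake_calls;
int fake_filepriv(const char *path, int cmd, priv_t *privp, int nentries)
{
    int n = (fake_calls++ == 0) ? 2 : 3;
    if (cmd == CNTPRV)
        return n;
    if (path == NULL || nentries < n)
        return -1;                  /* stub's choice for a too-small array */
    for (int i = 0; i < n; i++)
        privp[i] = (priv_t)(100 + i);   /* constructed descriptor values */
    return n;
}

int main(void)
{
    priv_t *p;
    int n = get_file_privs(fake_filepriv, "/sbin/testprog", &p, 3);
    free(p);
    return n == 3 ? 0 : 1;
}
```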