secadvise(2)
secadvise --
get kernel advisory access information
Synopsis
#include <sys/secsys.h>
int secadvise(struct obj_attr *obj, int cmd, struct sub_attr *sub);
Description
The secadvise system call is used to get advisory
access information from the kernel.
The obj argument points to a structure containing the
attributes for an object.
This structure is defined with at least the following members:
uid_t uid;
gid_t gid;
mode_t mode;
level_t lid;
The level_t argument is currently unused.
The cmd argument determines the requested access.
The sub argument points to a structure
containing the attributes for a subject.
The subject structure is retrieved through the I_S_RECVFD
command of the ioctl system call.
secadvise recognizes the following commands:
SA_SUBSIZE-
Returns the size of the subject attributes structure.
The obj and sub arguments are ignored.
This command is provided so that future changes to
the kernel can happen without recompilation of the
application program.
SA_READ-
Determines whether sub has read access to obj.
If this command succeeds, it returns 0 to the calling process.
This call will fail, returning -1, if one or more of the following
is true:
EACCES-
if sub does not have read access to obj.
EFAULT-
if obj or sub points outside the allocated address
space for the process.
SA_WRITE-
Determines whether sub has write access to obj.
If this command succeeds, it returns 0 to the calling process.
This call will fail, returning -1, if one or more of the following
is true:
EACCES-
if sub does not have write access to obj.
EFAULT-
if obj or sub points outside the allocated address
space for the process.
SA_EXEC-
Determines whether sub has execute access to obj.
If this command succeeds, it returns 0 to the calling process.
This call will fail, returning -1, if one or more of the following
is true:
EACCES-
if sub does not have execute access to obj.
EFAULT-
if obj or sub points outside the allocated address
space for the process.
Return values
Return values for secadvise depend on cmd and are described above.
Errors for secadvise depend on cmd and are described above.
References
ioctl(2),
streamio(7)
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004