[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]

Technical Reference: Base Operating System and Extensions , Volume 2


setpcred Subroutine

Purpose

Sets the current process credentials.

Library

Security Library (libc.a)

Syntax

#include <usersec.h>


int setpcred ( User,  Credentials)
char **Credentials;
char *User;

Description

The setpcred subroutine sets a process' credentials according to the Credentials parameter. If the User parameter is specified, the credentials defined for the user in the user database are used. If the Credentials parameter is specified, the credentials in this string are used. If both the User and Credentials parameters are specified, both the user's and the supplied credentials are used. However, the supplied credentials of the Credentials parameter will override those of the user. At least one parameter must be specified.

The setpcred subroutine requires the setpenv subroutine to follow it.

Note: If the auditwrite subroutine is to be called from a program invoked from the inittab file, the setpcred subroutine should be called first to establish the process' credentials.

User Specifies the user for whom credentials are being established.
Credentials Defines specific credentials to be established. This parameter points to an array of null-terminated character strings that may contain the following values. The last character string must be null.

LOGIN_USER=%s
Login user name

REAL_USER=%s
Real user name

REAL_GROUP=%s
Real group name

GROUPS=%s
Supplementary group ID

AUDIT_CLASSES=%s
Audit classes

RLIMIT_CPU=%d
Process soft CPU limit

RLIMIT_FSIZE=%d
Process soft file size

RLIMIT_DATA=%d
Process soft data segment size

RLIMIT_STACK=%d
Process soft stack segment size

RLIMIT_CORE=%d
Process soft core file size

RLIMIT_RSS=%d
Process soft resident set size

RLIMIT_CORE_HARD=%d
Process hard core file size

RLIMIT_CPU_HARD=%d
Process hard CPU limit

RLIMIT_DATA_HARD=%d
Process hard data segment size

RLIMIT_FSIZE_HARD=%d
Process hard file size

RLIMIT_RSS_HARD=%d
Process hard resident set size

RLIMIT_STACK_HARD=%d
Process hard stack segment size

UMASK=%o
Process umask (file creation mask)

A process must have root user authority to set all credentials except the UMASK credential.

Resource       Hard          Soft
 
RLIMIT_CORE    unlimited     %d
RLIMIT_CPU     %d            %d
RLIMIT_DATA    unlimited     %d
RLIMIT_FSIZE   %d            %d
RLIMIT_RSS     unlimited     %d
RLIMIT_STACK   unlimited     %d

The soft limit credentials will override the equivalent hard limit credentials that may proceed them. To set the hard limits, the hard limit credentials should follow the soft limit credentials.

Return Values

Upon successful return, the setpcred subroutine returns a value of 0. If setpcred fails, a value of -1 is returned and the errno global variable is set to indicate the error.

Error Codes

The setpcred subroutine fails if one or more of the following are true:

EINVAL The Credentials parameter contains invalid credentials specifications.
EINVAL The User parameter is null and the Credentials parameter is either null or points to an empty string.
EPERM The process does not have the proper authority to set the requested credentials.

Other errors may be set by subroutines invoked by the setpcred subroutine.

Implementation Specifics

This subroutine is part of Base Operating System (BOS) Runtime.

Related Information

The auditwrite subroutine, ckuseracct subroutine, ckuserID subroutine, getpcred subroutine, getpenv subroutine, setpenv (setpenv Subroutine) subroutine.

List of Security and Auditing Subroutines, Subroutines Overview in AIX 5L Version 5.1 General Programming Concepts: Writing and Debugging Programs.


[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]