The Security kernel services provide methods for controlling the auditing system and for determining the access rights to objects for the invoking process.
The following services are security kernel services:
suser | Determines the privilege state of a process. |
audit_svcstart | Initiates an audit record for a system call. |
audit_svcbcopy | Appends event information to the current audit event buffer. |
audit_svcfinis | Writes an audit record for a kernel service. |
crcopy | Creates a copy of a security credentials structure. |
crdup | Creates a copy of the current security credentials structure. |
credential macros | Provide a means for accessing the user and group identifier fields within a credentials structure. |
crexport | Copies an internal format credentials structure to an external format credentials structure. |
crfree | Frees a security credentials structure. |
crget | Allocates a new, uninitialized security credentials structure. |
crhold | Increments the reference count of a security credentials structure. |
crref | Increments the reference count of the current security credentials structure. |
crset | Replaces the current security credentials structure. |
kcred_getcap | Copies a capability vector from a credentials structure. |
kcred_getgroups | Copies the concurrent group set from a credentials structure. |
kcred_getpag | Copies a process authentication group (PAG) ID from a credentials structure. |
kcred_getpagid | Returns the process authentication group (PAG) identifier for a PAG name. |
kcred_getpagname | Retrieves the name of a process authentication group (PAG). |
kcred_getpriv | Copies a privilege vector from a credentials structure. |
kcred_setcap | Copies a capabilities set into a credentials structure. |
kcred_setgroups | Copies a concurrent group set into a credentials structure. |
kcred_setpag | Copies a process authentication group ID into a credentials structure. |
kcred_setpagname | Copies a process authentication group ID into a credentials structure. |
kcred_setpriv | Copies a privilege vector into a credentials structure. |