irix-657m-src/eoe/man/man2/setuid.2

'\"macro stdmacro
.if n .pH g2.setuid @(#)setuid	41.7 of 5/26/91
.\" Copyright 1991 UNIX System Laboratories, Inc.
.\" Copyright 1989, 1990 AT&T
.nr X
.if \nX=0 .ds x} setuid 2 "" "\&"
.if \nX=1 .ds x} setuid 2 ""
.if \nX=2 .ds x} setuid 2 "" "\&"
.if \nX=3 .ds x} setuid "" "" "\&"
.TH \*(x}
.SH NAME
\f4setuid\f1, \f4setgid\f1 \- set user and group \s-1ID\s+1s
.SH SYNOPSIS
\f4#include <sys/types.h>\f1
.br
\f4#include <unistd.h>\f1
.PP
\f4int setuid(uid_t uid);\f1
.PP
\f4int setgid(gid_t gid);\f1
.SH DESCRIPTION
The \f4setuid\f1 system call sets the real user \s-1ID\s+1,
effective user \s-1ID\s+1, and saved user
.SM ID
of the calling process.
The \f4setgid\f1 system call sets the real group \s-1ID\s+1,
effective group \s-1ID\s+1, and saved group \s-1ID\s+1 of the calling process.
.P
At login time, the real user \s-1ID\s+1, effective user \s-1ID\s+1, and saved user \s-1ID\s+1
of the login process are set to the login \s-1ID\s+1 of the user responsible
for the creation of the process.
The same is true for the real, effective, and saved group \s-1ID\s+1s;
they are set to the group \s-1ID\s+1 of the user responsible for the
creation of the process.
.P
When a process calls \f4exec\f1(2) to execute a file (program), the user
and/or group identifiers associated with the process can change:
.IP
The real user and group \s-1ID\s+1s are always set to the real
user and group \s-1ID\s+1s of the process calling \f4exec\fP.
.IP
The saved user and group \s-1ID\s+1s of the new process are always
set to the effective user and group \s-1ID\s+1s of the process
calling \f4exec\fP.
.IP
If the file executed is not a set-user-\s-1ID\s+1 or set-group-\s-1ID\s+1
file, the effective user and group \s-1ID\s+1s of the new process are set to the
effective user and group \s-1ID\s+1s of the process calling \f4exec\fP.
.IP
If the file executed is a set-user-\s-1ID\s+1 file, the effective user
\s-1ID\s+1 of the new process is set to the owner \s-1ID\s+1 of the executed file.
.IP
If the file executed is a set-group-\s-1ID\s+1 file, the effective group
\s-1ID\s+1 of the new process is set to the group \s-1ID\s+1 of the executed file.
.P
The following subsections describe the behavior of \f4setuid\f1 and
\f4setgid\f1 with respect to the three types of user and group \s-1ID\s+1s.
.SS "\f4setuid\f1"
If the calling process has the \f4super-user\fP privilege,
the real, effective, and saved user \s-1ID\s+1s are set to the
\f2uid\f1 parameter.
.P
If the calling process does not have the \f4super-user\fP privilege,
but \f2uid\f1 is either the real user
.SM ID
or the saved user
.SM ID
of the
calling process, the effective user
.SM ID
is set to \f2uid\f1.
.SS "\f4setgid\f1"
If the calling process has the \f4super-user\fP privilege,
the real, effective, and saved group \s-1ID\s+1s are set to the
\f2gid\f1 parameter.
.P
If the calling process does not have the \f4super-user\fP privilege,
but \f2gid\f1 is either the real group
.SM ID
or the saved group
.SM ID
of the
calling process, the effective group
.SM ID
is set to \f2gid\f1.
.P
\f4setuid\f1 and \f4setgid\f1 fail if one or more of the following
is true:
.TP 10
\f4EPERM\fP
For \f4setuid\f1,
the calling process does not have the \f4super-user\fP privilege
and the \f2uid\f1 parameter does not match either the real or saved
user \s-1ID\s+1s.
For \f4setgid\f1,
the calling process does not have the \f4super-user\fP privilege
and the \f2gid\f1
parameter does not match either the real or saved group \s-1ID\s+1s.
.TP
\f4EINVAL\fP
The \f2uid\f1 or \f2gid\f1 is out of range.
.SH DIAGNOSTICS
Upon successful completion, a value of 0 is returned.
Otherwise, a value of \-1 is returned and
\f4errno\fP
is set to indicate the error.
.SH "SEE ALSO"
\f4intro\fP(2),
\f4exec\fP(2), \f4getgroups\fP(2), \f4getuid\fP(2),
\f4stat\fP(5).
.\"	@(#)setuid.2	6.2 of 9/6/83
.Ee