capng_change_id man page on Archlinux

Man page or keyword search:  
man Server   11224 pages
apropos Keyword Search (all sections)
Output format
Archlinux logo
[printable version]


       capng_change_id - change the credentials retaining capabilities

       #include <cap-ng.h>

       int capng_change_id(int uid, int gid, capng_flags_t flag);

       This function will change uid and gid to the ones given while retaining
       the capabilities previously specified in capng_update. It is not neces‐
       sary  and  perhaps  better  if capng_apply has not been called prior to
       this function so that all necessary privileges are  still  intact.  The
       caller  is  required to have CAP_SETPCAP capability still active before
       calling this function.

       This function also takes a flag parameter  that	helps  to  tailor  the
       exact  actions performed by the function to secure the environment. The
       option may be or'ed together. The legal values are:

		     Simply change uid and retain specified  capabilities  and
		     that's all.

		     After  changing id, remove and supplement groups that may
		     come with the account.

		     After changing the uid and gid, clear  the	 bounding  set
		     regardless to the internal representation already setup.

       This  returns  0	 on success and a negative number on failure. -1 means
       capng has not been initted properly, -2 means a failure	requesting  to
       keep  capabilities  across  the	uid change, -3 means that applying the
       intermediate capabilities failed, -4  means  changing  gid  failed,  -5
       means  dropping	supplemental  groups failed, -6 means changing the uid
       failed, -7 means dropping the ability  to  retain  caps	across	a  uid
       change  failed,	-8  means  clearing  the bounding set failed, -9 means
       dropping CAP_SETPCAP failed.

       Note: the only safe action to do upon failure of this  function	is  to
       probably	 exit. This is because you are likely in a situation with par‐
       tial permissions and not what you intended.

       capng_update(3), capng_apply(3), prctl(2), capabilities(7)

       Steve Grubb

Red Hat				   June 2009		    CAPNG_CHANGE_ID(3)

List of man pages available for Archlinux

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net