privgrp(4)privgrp(4)NAMEprivgrp() - format of privileged values
sets a mask of privileges, and getprivgrp(2) returns an array of struc‐
tures giving privileged group assignments on a per-group-ID basis (see
getprivgrp(2)). associates a kernel capability with a group ID. This
allows subletting of superuser-like privileges to members of a particu‐
lar group or groups. The constants and structures needed for these
system calls are defined in
Privileges are as follows:
Allows access to the system call (see rtprio(2)).
Allows access to the system call (see plock(2)).
Allows access to the system calls (see chown(2)).
Permits the use of the system call for setting locks on files
open for reading only (see lockf(2)).
Permits the use of the and system calls for changing respec‐
tively the real user ID and real group
ID of a process (see setuid(2)).
Permits the use of the system call for changing processor
binding, locality domain binding or
launch policy of a process (see
Allows access to the and to set POSIX.4 realtime priorities
Permits the use of for forcing the target process to run
serially with other processes that are
also marked by this system call (see
Permits certain administrative operations in the
Instant Capacity (iCAP) product for
deactivation and reactivation of pro‐
cessors. See that product's documenta‐
tion for more information.
Permits certain administrative operations in
Process Resource Manager (PRM) product.
See that product's documentation for
Allows change to the system pset configuration
Privileges are described in a multiword mask. The value of the for
each privilege is interpreted as a bit index (counting from 1). Thus a
group ID can have several different privileges associated with it by
having different bits ORed into the mask.
The system is configured with a specified maximum number of groups with
special privileges. defines this maximum. Of this maximum, one is
reserved for global privileges (granted to all processes) and the
remainder can be assigned to actual group IDs.
defines the size of the multiword mask used in defining privileges
associated with a group ID.
Privileges are returned to the user from the system call in an array of
structures of type The structure associates a multiword mask with a
group ID. The privgrp_map structure contains the fields:
where priv_groupno contains the group ID (see setprivgrp(2)), and
priv_mask contains the privilege mask associated with priv_groupno.
SEE ALSOgetprivgrp(1), setprivgrp(1M), chown(2), getprivgrp(2), lockf(2),
mpctl(2), plock(2), pset_create(2), rtprio(2), rtsched(2), serial‐
ize(2), setgid(2), setuid(2), shmctl(2).