setprivgrp(1M)setprivgrp(1M)NAMEsetprivgrp - set special privileges for groups
SYNOPSIS
groupname [privileges]
[privileges]
[privileges]
file
DESCRIPTION
The command associates a group with a list of privileges, thus provid‐
ing access to certain system capabilities for members of a particular
group or groups. The privileges can be displayed with the command (see
getprivgrp(1)).
Privileges can be granted to individual groups, as defined in the file,
and globally for all groups.
Only a superuser can use the command.
Options and Arguments
recognizes the following options and arguments:
privileges One or more of the keywords described below in
groupname The name of a group defined in the file named The
current privileges for groupname, if any, are
replaced by the specified privileges. To retain
prior privileges, they must be respecified.
Specify global privileges that apply to all groups.
The current privileges, if any, are replaced by
the specified privileges, To retain prior privi‐
leges, they must be respecified.
If no privileges are specified, delete all privileges
for all groups, including global privileges.
If one or more privileges are specified, delete
the specified privileges from the current privi‐
lege lists of all groups, including the global
privilege list, but do not delete unspecified
privileges.
Set the privileges according to entries in the file
file. This file is usually The entry formats are
described below in
Privileged Capabilities
The following system capabilities can be granted to groups:
Can use to change file ownerships (see chown(2)).
Can use to set locks on files that are open for reading
only (see lockf(2)).
Can use to lock process text and data into memory, and
the function to lock shared memory segments (see
plock(2) and shmctl(2)).
Can use to set real-time priorities (see rtprio(2)).
Can use and to set POSIX.4 real-time priorities (see
rtsched(2)).
Can use to force the target process to run serially with
other processes that are also marked by this sys‐
tem call (see serialize(2)).
Can use and to change, respectively, the real user ID and
real group ID of a process (see setuid(2) and
setgid(2)).
Allows certain administrative operations in the Process
Resource Manager (PRM) product. See that prod‐
uct's documentation for more information.
Allows certain administrative operations in the Instant
Capacity (iCAP) product. See that product's doc‐
umentation for more information.
Can change system pset configuration (see
pset_create(2)).
Can use to change processor binding, locality domain
binding or launch policy of a process (see
mpctl(2)).
Group Privileges File Format
The file specified with the option should contain one or more lines in
the following formats:
groupname [privileges]
[privileges]
[privileges]
They are described above in "Options and Arguments".
RETURN VALUE
exits with one of the following values:
Successful completion.
Failure.
AUTHOR
was developed by HP.
FILES
SEE ALSO
getprivgrp(1), chown(2), getprivgrp(2), lockf(2),
plock(2), rtprio(2), rtsched(2), serialize(2), setgid(2),
setuid(2), shmctl(2), mpctl(2), pset_create(2), priv‐
grp(4).
setprivgrp(1M)