Commit | Line | Data |
---|---|---|
fea681da | 1 | .\" Copyright (C) 1997 Andries Brouwer (aeb@cwi.nl) |
ab09119b | 2 | .\" and Copyright (C) 2005, 2010, 2014, 2015, Michael Kerrisk <mtk.manpages@gmail.com> |
fea681da | 3 | .\" |
93015253 | 4 | .\" %%%LICENSE_START(VERBATIM) |
fea681da | 5 | .\" Permission is granted to make and distribute verbatim copies of this |
fea681da | 6 | .\" manual provided the copyright notice and this permission notice are |
fea681da | 7 | .\" preserved on all copies. |
fea681da | 8 | .\" |
fea681da | 9 | .\" Permission is granted to copy and distribute modified versions of this |
fea681da | 10 | .\" manual under the conditions for verbatim copying, provided that the |
fea681da | 11 | .\" entire resulting derived work is distributed under the terms of a |
fea681da | 12 | .\" permission notice identical to this one. |
c13182ef | 13 | .\" |
fea681da | 14 | .\" Since the Linux kernel and libraries are constantly changing, this |
fea681da | 15 | .\" manual page may be incorrect or out-of-date. The author(s) assume no |
fea681da | 16 | .\" responsibility for errors or omissions, or for damages resulting from |
fea681da | 17 | .\" the use of the information contained herein. The author(s) may not |
fea681da | 18 | .\" have taken the same level of care in the production of this manual, |
fea681da | 19 | .\" which is licensed free of charge, as they might when working |
fea681da | 20 | .\" professionally. |
c13182ef | 21 | .\" |
fea681da | 22 | .\" Formatted or processed versions of this manual, if unaccompanied by |
fea681da | 23 | .\" the source, must acknowledge the copyright and authors of this work. |
4b72fb64 | 24 | .\" %%%LICENSE_END |
fea681da | 25 | .\" |
c11b1abf | 26 | .\" Modified, 2003-05-26, Michael Kerrisk, <mtk.manpages@gmail.com> |
b8efb414 | 27 | .TH SETRESUID 2 2016-10-08 "Linux" "Linux Programmer's Manual" |
fea681da | 28 | .SH NAME |
fea681da | 29 | setresuid, setresgid \- set real, effective and saved user or group ID |
fea681da | 30 | .SH SYNOPSIS |
b80f966b | 31 | .BR "#define _GNU_SOURCE" " /* See feature_test_macros(7) */" |
fea681da | 32 | .br |
fea681da | 33 | .B #include <unistd.h> |
fea681da | 34 | .sp |
fea681da | 35 | .BI "int setresuid(uid_t " ruid ", uid_t " euid ", uid_t " suid ); |
fea681da | 36 | .br |
c13182ef | 37 | .BI "int setresgid(gid_t " rgid ", gid_t " egid ", gid_t " sgid ); |
fea681da | 38 | .SH DESCRIPTION |
e511ffb6 | 39 | .BR setresuid () |
d9df8ff8 | 40 | sets the real user ID, the effective user ID, and the |
a1ffe9f5 | 41 | saved set-user-ID of the calling process. |
fea681da | 42 | |
0e332aef | 43 | An unprivileged process may change its real UID, |
d9df8ff8 | 44 | effective UID, and saved set-user-ID, each to one of: |
c13182ef | 45 | the current real UID, the current effective UID or the |
d9df8ff8 | 46 | current saved set-user-ID. |
fea681da | 47 | |
0e332aef | 48 | A privileged process (on Linux, one having the \fBCAP_SETUID\fP capability) |
0e332aef | 49 | may set its real UID, effective UID, and |
d9df8ff8 | 50 | saved set-user-ID to arbitrary values. |
fea681da | 51 | |
c4bb193f | 52 | If one of the arguments equals \-1, the corresponding value is not changed. |
fea681da | 53 | |
bb40bc01 | 54 | Regardless of what changes are made to the real UID, effective UID, |
9ee4a2b6 | 55 | and saved set-user-ID, the filesystem UID is always set to the same |
bb40bc01 | 56 | value as the (possibly new) effective UID. |
bb40bc01 | 57 | |
fea681da | 58 | Completely analogously, |
e511ffb6 | 59 | .BR setresgid () |
c13182ef | 60 | sets the real GID, effective GID, and saved set-group-ID |
9ee4a2b6 | 61 | of the calling process (and always modifies the filesystem GID |
bb40bc01 | 62 | to be the same as the effective GID), |
60b9e97c | 63 | with the same restrictions for unprivileged processes. |
47297adb | 64 | .SH RETURN VALUE |
c13182ef | 65 | On success, zero is returned. |
c13182ef | 66 | On error, \-1 is returned, and |
fea681da | 67 | .I errno |
fea681da | 68 | is set appropriately. |
f673b783 | 69 | |
f673b783 | 70 | .IR Note : |
f673b783 | 71 | there are cases where |
f673b783 | 72 | .BR setresuid () |
f673b783 | 73 | can fail even when the caller is UID 0; |
29d3bdc4 | 74 | it is a grave security error to omit checking for a failure return from |
f673b783 | 75 | .BR setresuid (). |
fea681da | 76 | .SH ERRORS |
fea681da | 77 | .TP |
fea681da | 78 | .B EAGAIN |
199f1e15 | 79 | The call would change the caller's real UID (i.e., |
199f1e15 | 80 | .I ruid |
199f1e15 | 81 | does not match the caller's real UID), |
199f1e15 | 82 | but there was a temporary failure allocating the |
199f1e15 | 83 | necessary kernel data structures. |
199f1e15 | 84 | .TP |
199f1e15 | 85 | .B EAGAIN |
c5e8af4d | 86 | .I ruid |
c5e8af4d | 87 | does not match the caller's real UID and this call would |
c5e8af4d | 88 | bring the number of processes belonging to the real user ID |
c5e8af4d | 89 | .I ruid |
c5e8af4d | 90 | over the caller's |
0daa9e92 | 91 | .B RLIMIT_NPROC |
2f0af33b | 92 | resource limit. |
19d889b3 | 93 | Since Linux 3.1, this error case no longer occurs |
19d889b3 | 94 | (but robust applications should check for this error); |
19d889b3 | 95 | see the description of |
19d889b3 | 96 | .B EAGAIN |
19d889b3 | 97 | in |
19d889b3 | 98 | .BR execve (2). |
fea681da | 99 | .TP |
0076479c | 100 | .B EINVAL |
0076479c | 101 | One or more of the target user or group IDs |
0076479c | 102 | is not valid in this user namespace. |
0076479c | 103 | .TP |
fea681da | 104 | .B EPERM |
fb03f4ad | 105 | The calling process is not privileged (did not have the necessary |
fb03f4ad | 106 | capability in its user namespace) |
fb03f4ad | 107 | and tried to change the IDs to values that are not permitted. |
fb03f4ad | 108 | For |
fb03f4ad | 109 | .BR setresuid (), |
fb03f4ad | 110 | the necessary capability is |
fb03f4ad | 111 | .BR CAP_SETUID ; |
fb03f4ad | 112 | for |
fb03f4ad | 113 | .BR setresgid (), |
fb03f4ad | 114 | it is |
fb03f4ad | 115 | .BR CAP_SETGID . |
a1d5f77c | 116 | .SH VERSIONS |
a1d5f77c | 117 | These calls are available under Linux since Linux 2.1.44. |
47297adb | 118 | .SH CONFORMING TO |
c8f2dd47 | 119 | These calls are nonstandard; |
97c1eac8 | 120 | they also appear on HP-UX and some of the BSDs. |
fea681da | 121 | .SH NOTES |
1e7eb3a7 | 122 | Under HP-UX and FreeBSD, the prototype is found in |
fea681da | 123 | .IR <unistd.h> . |
eb9a0b2f | 124 | Under Linux, the prototype is provided by glibc since version 2.3.2. |
ea03a3ac | 125 | |
ea03a3ac | 126 | The original Linux |
ea03a3ac | 127 | .BR setresuid () |
ea03a3ac | 128 | and |
ea03a3ac | 129 | .BR setresgid () |
ea03a3ac | 130 | system calls supported only 16-bit user and group IDs. |
c5662d5d | 131 | Subsequently, Linux 2.4 added |
ea03a3ac | 132 | .BR setresuid32 () |
ea03a3ac | 133 | and |
ea03a3ac | 134 | .BR setresgid32 (), |
ea03a3ac | 135 | supporting 32-bit IDs. |
ea03a3ac | 136 | The glibc |
ea03a3ac | 137 | .BR setresuid () |
ea03a3ac | 138 | and |
ea03a3ac | 139 | .BR setresgid () |
ea03a3ac | 140 | wrapper functions transparently deal with the variations across kernel versions. |
ab09119b | 141 | .\" |
0722a578 | 142 | .SS C library/kernel differences |
ab09119b | 143 | At the kernel level, user IDs and group IDs are a per-thread attribute. |
ab09119b | 144 | However, POSIX requires that all threads in a process |
ab09119b | 145 | share the same credentials. |
ab09119b | 146 | The NPTL threading implementation handles the POSIX requirements by |
ab09119b | 147 | providing wrapper functions for |
ab09119b | 148 | the various system calls that change process UIDs and GIDs. |
ab09119b | 149 | These wrapper functions (including those for |
ab09119b | 150 | .BR setresuid () |
ab09119b | 151 | and |
ab09119b | 152 | .BR setresgid ()) |
ab09119b | 153 | employ a signal-based technique to ensure |
ab09119b | 154 | that when one thread changes credentials, |
ab09119b | 155 | all of the other threads in the process also change their credentials. |
ab09119b | 156 | For details, see |
ab09119b | 157 | .BR nptl (7). |
47297adb | 158 | .SH SEE ALSO |
fea681da | 159 | .BR getresuid (2), |
fea681da | 160 | .BR getuid (2), |
bb40bc01 | 161 | .BR setfsgid (2), |
f0c34053 | 162 | .BR setfsuid (2), |
fea681da | 163 | .BR setreuid (2), |
fea681da | 164 | .BR setuid (2), |
0a90178c | 165 | .BR capabilities (7), |
0076479c | 166 | .BR credentials (7), |
f58fb24f | 167 | .BR user_namespaces (7) |
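
The RETURN VALUE note above calls an unchecked setresuid() failure a grave security error. The C program below is an added example, not part of the man page or the man-pages project: it sets all three group and user IDs, checks every return value, and reads the IDs back, including the filesystem UID, which the DESCRIPTION says follows the effective UID. The helper names `drop_privileges` and `all_uids_are` are hypothetical, and the target IDs (the caller's own real IDs) are a constructed scenario so the program runs with or without privilege.

```c
#define _GNU_SOURCE             /* see feature_test_macros(7) */
#include <stdio.h>
#include <sys/fsuid.h>
#include <sys/types.h>
#include <unistd.h>

/* Harmless repeats of the glibc prototypes, so the file still compiles if
 * another header was included before _GNU_SOURCE was defined. */
int setresuid(uid_t, uid_t, uid_t);
int setresgid(gid_t, gid_t, gid_t);
int getresuid(uid_t *, uid_t *, uid_t *);
int getresgid(gid_t *, gid_t *, gid_t *);

/* 1 if real, effective and saved UID all equal uid; 0 if not; -1 on error. */
int all_uids_are(uid_t uid)
{
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) != 0)
        return -1;
    return r == uid && e == uid && s == uid;
}

/* Permanently switch to uid/gid; 0 on success, -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    gid_t rg, eg, sg;

    /* Group IDs first: once the UIDs change, CAP_SETGID may be gone. */
    if (setresgid(gid, gid, gid) != 0 || setresuid(uid, uid, uid) != 0)
        return -1;
    /* Read the IDs back instead of trusting the return value alone. */
    if (getresgid(&rg, &eg, &sg) != 0 || rg != gid || eg != gid || sg != gid)
        return -1;
    if (all_uids_are(uid) != 1)
        return -1;
    /* setfsuid(-1) changes nothing and returns the current filesystem UID,
     * which must have followed the effective UID. */
    return (uid_t)setfsuid((uid_t)-1) == uid ? 0 : -1;
}

int main(void)
{
    /* Constructed scenario: "drop" to the caller's own real IDs. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "could not set credentials, refusing to continue\n");
        return 1;               /* never carry on with the old credentials */
    }
    puts("real, effective, saved and filesystem IDs all match");
    return 0;
}
```

Supplementary groups are a separate credential that this page does not cover and the example leaves untouched.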