]>
Commit | Line | Data |
---|---|---|
fea681da | 1 | .\" Copyright (C) 1997 Andries Brouwer (aeb@cwi.nl) |
ab09119b | 2 | .\" and Copyright (C) 2005, 2010, 2014, 2015, Michael Kerrisk <mtk.manpages@gmail.com> |
fea681da | 3 | .\" |
93015253 | 4 | .\" %%%LICENSE_START(VERBATIM) |
fea681da MK |
5 | .\" Permission is granted to make and distribute verbatim copies of this |
6 | .\" manual provided the copyright notice and this permission notice are | |
7 | .\" preserved on all copies. | |
8 | .\" | |
9 | .\" Permission is granted to copy and distribute modified versions of this | |
10 | .\" manual under the conditions for verbatim copying, provided that the | |
11 | .\" entire resulting derived work is distributed under the terms of a | |
12 | .\" permission notice identical to this one. | |
c13182ef | 13 | .\" |
fea681da MK |
14 | .\" Since the Linux kernel and libraries are constantly changing, this |
15 | .\" manual page may be incorrect or out-of-date. The author(s) assume no | |
16 | .\" responsibility for errors or omissions, or for damages resulting from | |
17 | .\" the use of the information contained herein. The author(s) may not | |
18 | .\" have taken the same level of care in the production of this manual, | |
19 | .\" which is licensed free of charge, as they might when working | |
20 | .\" professionally. | |
c13182ef | 21 | .\" |
fea681da MK |
22 | .\" Formatted or processed versions of this manual, if unaccompanied by |
23 | .\" the source, must acknowledge the copyright and authors of this work. | |
4b72fb64 | 24 | .\" %%%LICENSE_END |
fea681da | 25 | .\" |
c11b1abf | 26 | .\" Modified, 2003-05-26, Michael Kerrisk, <mtk.manpages@gmail.com> |
1e64c86b | 27 | .TH SETRESUID 2 2015-03-29 "Linux" "Linux Programmer's Manual" |
fea681da MK |
28 | .SH NAME |
29 | setresuid, setresgid \- set real, effective and saved user or group ID | |
30 | .SH SYNOPSIS | |
b80f966b | 31 | .BR "#define _GNU_SOURCE" " /* See feature_test_macros(7) */" |
fea681da MK |
32 | .br |
33 | .B #include <unistd.h> | |
34 | .sp | |
35 | .BI "int setresuid(uid_t " ruid ", uid_t " euid ", uid_t " suid ); | |
36 | .br | |
c13182ef | 37 | .BI "int setresgid(gid_t " rgid ", gid_t " egid ", gid_t " sgid ); |
fea681da | 38 | .SH DESCRIPTION |
e511ffb6 | 39 | .BR setresuid () |
d9df8ff8 | 40 | sets the real user ID, the effective user ID, and the |
a1ffe9f5 | 41 | saved set-user-ID of the calling process. |
fea681da | 42 | |
d9df8ff8 MK |
43 | Unprivileged user processes |
44 | may change the real UID, | |
45 | effective UID, and saved set-user-ID, each to one of: | |
c13182ef | 46 | the current real UID, the current effective UID or the |
d9df8ff8 | 47 | current saved set-user-ID. |
fea681da | 48 | |
0b9bdf82 | 49 | Privileged processes (on Linux, those having the \fBCAP_SETUID\fP capability) |
c13182ef | 50 | may set the real UID, effective UID, and |
d9df8ff8 | 51 | saved set-user-ID to arbitrary values. |
fea681da | 52 | |
c4bb193f | 53 | If one of the arguments equals \-1, the corresponding value is not changed. |
fea681da | 54 | |
bb40bc01 | 55 | Regardless of what changes are made to the real UID, effective UID, |
9ee4a2b6 | 56 | and saved set-user-ID, the filesystem UID is always set to the same |
bb40bc01 MK |
57 | value as the (possibly new) effective UID. |
58 | ||
fea681da | 59 | Completely analogously, |
e511ffb6 | 60 | .BR setresgid () |
c13182ef | 61 | sets the real GID, effective GID, and saved set-group-ID |
9ee4a2b6 | 62 | of the calling process (and always modifies the filesystem GID |
bb40bc01 | 63 | to be the same as the effective GID), |
60b9e97c | 64 | with the same restrictions for unprivileged processes. |
47297adb | 65 | .SH RETURN VALUE |
c13182ef MK |
66 | On success, zero is returned. |
67 | On error, \-1 is returned, and | |
fea681da MK |
68 | .I errno |
69 | is set appropriately. | |
f673b783 MK |
70 | |
71 | .IR Note : | |
72 | there are cases where | |
73 | .BR setresuid () | |
74 | can fail even when the caller is UID 0; | |
29d3bdc4 | 75 | it is a grave security error to omit checking for a failure return from |
f673b783 | 76 | .BR setresuid (). |
fea681da MK |
77 | .SH ERRORS |
78 | .TP | |
79 | .B EAGAIN | |
199f1e15 MK |
80 | The call would change the caller's real UID (i.e., |
81 | .I ruid | |
82 | does not match the caller's real UID), | |
83 | but there was a temporary failure allocating the | |
84 | necessary kernel data structures. | |
85 | .TP | |
86 | .B EAGAIN | |
c5e8af4d MK |
87 | .I ruid |
88 | does not match the caller's real UID and this call would | |
89 | bring the number of processes belonging to the real user ID | |
90 | .I ruid | |
91 | over the caller's | |
0daa9e92 | 92 | .B RLIMIT_NPROC |
2f0af33b | 93 | resource limit. |
19d889b3 MK |
94 | Since Linux 3.1, this error case no longer occurs |
95 | (but robust applications should check for this error); | |
96 | see the description of | |
97 | .B EAGAIN | |
98 | in | |
99 | .BR execve (2). | |
fea681da | 100 | .TP |
0076479c MK |
101 | .B EINVAL |
102 | One or more of the target user or group IDs | |
103 | is not valid in this user namespace. | |
104 | .TP | |
fea681da | 105 | .B EPERM |
0b9bdf82 | 106 | The calling process is not privileged (did not have the \fBCAP_SETUID\fP |
d3c8b3e9 | 107 | capability) and tried to change the IDs to values that are not permitted. |
a1d5f77c MK |
108 | .SH VERSIONS |
109 | These calls are available under Linux since Linux 2.1.44. | |
47297adb | 110 | .SH CONFORMING TO |
c8f2dd47 | 111 | These calls are nonstandard; |
97c1eac8 | 112 | they also appear on HP-UX and some of the BSDs. |
fea681da | 113 | .SH NOTES |
1e7eb3a7 | 114 | Under HP-UX and FreeBSD, the prototype is found in |
fea681da | 115 | .IR <unistd.h> . |
eb9a0b2f | 116 | Under Linux, the prototype is provided by glibc since version 2.3.2. |
ea03a3ac MK |
117 | |
118 | The original Linux | |
119 | .BR setresuid () | |
120 | and | |
121 | .BR setresgid () | |
122 | system calls supported only 16-bit user and group IDs. | |
c5662d5d | 123 | Subsequently, Linux 2.4 added |
ea03a3ac MK |
124 | .BR setresuid32 () |
125 | and | |
126 | .BR setresgid32 (), | |
127 | supporting 32-bit IDs. | |
128 | The glibc | |
129 | .BR setresuid () | |
130 | and | |
131 | .BR setresgid () | |
132 | wrapper functions transparently deal with the variations across kernel versions. | |
ab09119b MK |
133 | .\" |
134 | .SS C library/kernel ABI differences | |
135 | At the kernel level, user IDs and group IDs are a per-thread attribute. | |
136 | However, POSIX requires that all threads in a process | |
137 | share the same credentials. | |
138 | The NPTL threading implementation handles the POSIX requirements by | |
139 | providing wrapper functions for | |
140 | the various system calls that change process UIDs and GIDs. | |
141 | These wrapper functions (including those for | |
142 | .BR setresuid () | |
143 | and | |
144 | .BR setresgid ()) | |
145 | employ a signal-based technique to ensure | |
146 | that when one thread changes credentials, | |
147 | all of the other threads in the process also change their credentials. | |
148 | For details, see | |
149 | .BR nptl (7). | |
47297adb | 150 | .SH SEE ALSO |
fea681da MK |
151 | .BR getresuid (2), |
152 | .BR getuid (2), | |
bb40bc01 | 153 | .BR setfsgid (2), |
f0c34053 | 154 | .BR setfsuid (2), |
fea681da MK |
155 | .BR setreuid (2), |
156 | .BR setuid (2), | |
0a90178c | 157 | .BR capabilities (7), |
0076479c | 158 | .BR credentials (7), |
f58fb24f | 159 | .BR user_namespaces (7) |