]>
Commit | Line | Data |
---|---|---|
fea681da MK |
1 | .\" Copyright (C) 1995, Thomas K. Dyas <tdyas@eden.rutgers.edu> |
2 | .\" | |
4b72fb64 | 3 | .\" %%%LICENSE_START(verbatim) |
fea681da MK |
4 | .\" Permission is granted to make and distribute verbatim copies of this |
5 | .\" manual provided the copyright notice and this permission notice are | |
6 | .\" preserved on all copies. | |
7 | .\" | |
8 | .\" Permission is granted to copy and distribute modified versions of this | |
9 | .\" manual under the conditions for verbatim copying, provided that the | |
10 | .\" entire resulting derived work is distributed under the terms of a | |
11 | .\" permission notice identical to this one. | |
c13182ef | 12 | .\" |
fea681da MK |
13 | .\" Since the Linux kernel and libraries are constantly changing, this |
14 | .\" manual page may be incorrect or out-of-date. The author(s) assume no | |
15 | .\" responsibility for errors or omissions, or for damages resulting from | |
16 | .\" the use of the information contained herein. The author(s) may not | |
17 | .\" have taken the same level of care in the production of this manual, | |
18 | .\" which is licensed free of charge, as they might when working | |
19 | .\" professionally. | |
c13182ef | 20 | .\" |
fea681da MK |
21 | .\" Formatted or processed versions of this manual, if unaccompanied by |
22 | .\" the source, must acknowledge the copyright and authors of this work. | |
4b72fb64 | 23 | .\" %%%LICENSE_END |
fea681da MK |
24 | .\" |
25 | .\" Created 1995-08-06 Thomas K. Dyas <tdyas@eden.rutgers.edu> | |
26 | .\" Modified 2000-07-01 aeb | |
27 | .\" Modified 2002-07-23 aeb | |
c11b1abf | 28 | .\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com> |
fea681da MK |
29 | .\" Added notes on capability requirements |
30 | .\" | |
ae67a2cd | 31 | .TH SETFSUID 2 2010-11-22 "Linux" "Linux Programmer's Manual" |
fea681da MK |
32 | .SH NAME |
33 | setfsuid \- set user identity used for file system checks | |
34 | .SH SYNOPSIS | |
35 | .B #include <unistd.h> | |
36 | /* glibc uses <sys/fsuid.h> */ | |
37 | .sp | |
38 | .BI "int setfsuid(uid_t " fsuid ); | |
39 | .SH DESCRIPTION | |
40 | The system call | |
e511ffb6 | 41 | .BR setfsuid () |
fea681da | 42 | sets the user ID that the Linux kernel uses to check for all accesses |
c13182ef MK |
43 | to the file system. |
44 | Normally, the value of | |
fea681da | 45 | .I fsuid |
c13182ef MK |
46 | will shadow the value of the effective user ID. |
47 | In fact, whenever the | |
fea681da MK |
48 | effective user ID is changed, |
49 | .I fsuid | |
50 | will also be changed to the new value of the effective user ID. | |
51 | ||
52 | Explicit calls to | |
e511ffb6 | 53 | .BR setfsuid () |
fea681da | 54 | and |
0bfa087b | 55 | .BR setfsgid (2) |
fea681da MK |
56 | are usually only used by programs such as the Linux NFS server that |
57 | need to change what user and group ID is used for file access without a | |
58 | corresponding change in the real and effective user and group IDs. | |
59 | A change in the normal user IDs for a program such as the NFS server | |
6387216b MK |
60 | is a security hole that can expose it to unwanted signals. |
61 | (But see below.) | |
fea681da | 62 | |
e511ffb6 | 63 | .BR setfsuid () |
fea681da MK |
64 | will only succeed if the caller is the superuser or if |
65 | .I fsuid | |
66 | matches either the real user ID, effective user ID, saved set-user-ID, or | |
67 | the current value of | |
68 | .IR fsuid . | |
47297adb | 69 | .SH RETURN VALUE |
fea681da MK |
70 | On success, the previous value of |
71 | .I fsuid | |
c13182ef MK |
72 | is returned. |
73 | On error, the current value of | |
fea681da MK |
74 | .I fsuid |
75 | is returned. | |
a3680fde MK |
76 | .SH VERSIONS |
77 | This system call is present in Linux since version 1.2. | |
78 | .\" This system call is present since Linux 1.1.44 | |
79 | .\" and in libc since libc 4.7.6. | |
47297adb | 80 | .SH CONFORMING TO |
e511ffb6 | 81 | .BR setfsuid () |
8382f16d | 82 | is Linux-specific and should not be used in programs intended |
97c1eac8 | 83 | to be portable. |
fea681da MK |
84 | .SH NOTES |
85 | When glibc determines that the argument is not a valid user ID, | |
1274071a MK |
86 | it will return \-1 and set \fIerrno\fP to |
87 | .B EINVAL | |
88 | without attempting | |
fea681da MK |
89 | the system call. |
90 | .LP | |
91 | Note that at the time this system call was introduced, a process | |
92 | could send a signal to a process with the same effective user ID. | |
93 | Today signal permission handling is slightly different. | |
ae67a2cd MK |
94 | |
95 | The original Linux | |
96 | .BR setfsuid () | |
97 | system call supported only 16-bit user IDs. | |
c5662d5d | 98 | Subsequently, Linux 2.4 added |
ae67a2cd MK |
99 | .BR setfsuid32 () |
100 | supporting 32-bit IDs. | |
101 | The glibc | |
102 | .BR setfsuid () | |
103 | wrapper function transparently deals with the variation across kernel versions. | |
2dd578fd MK |
104 | .SH BUGS |
105 | No error messages of any kind are returned to the caller. | |
106 | At the very | |
107 | least, | |
108 | .B EPERM | |
109 | should be returned when the call fails (because the caller lacks the | |
110 | .B CAP_SETUID | |
111 | capability). | |
47297adb | 112 | .SH SEE ALSO |
fea681da MK |
113 | .BR kill (2), |
114 | .BR setfsgid (2), | |
53a1443c MK |
115 | .BR capabilities (7), |
116 | .BR credentials (7) |