1 .\" Copyright (C) 1997 Andries Brouwer (aeb@cwi.nl)
2 .\" and Copyright (C) 2005, 2010, 2014, 2015, Michael Kerrisk <mtk.manpages@gmail.com>
4 .\" SPDX-License-Identifier: Linux-man-pages-copyleft
6 .\" Modified, 2003-05-26, Michael Kerrisk, <mtk.manpages@gmail.com>
7 .TH SETRESUID 2 (date) "Linux man-pages (unreleased)"
9 setresuid, setresgid \- set real, effective, and saved user or group ID
12 .RI ( libc ", " \-lc )
15 .BR "#define _GNU_SOURCE" " /* See feature_test_macros(7) */"
16 .B #include <unistd.h>
18 .BI "int setresuid(uid_t " ruid ", uid_t " euid ", uid_t " suid );
19 .BI "int setresgid(gid_t " rgid ", gid_t " egid ", gid_t " sgid );
23 sets the real user ID, the effective user ID, and the
24 saved set-user-ID of the calling process.
26 An unprivileged process may change its real UID,
27 effective UID, and saved set-user-ID, each to one of:
28 the current real UID, the current effective UID, or the
29 current saved set-user-ID.
31 A privileged process (on Linux, one having the \fBCAP_SETUID\fP capability)
32 may set its real UID, effective UID, and
33 saved set-user-ID to arbitrary values.
35 If one of the arguments equals \-1, the corresponding value is not changed.
37 Regardless of what changes are made to the real UID, effective UID,
38 and saved set-user-ID, the filesystem UID is always set to the same
39 value as the (possibly new) effective UID.
41 Completely analogously,
43 sets the real GID, effective GID, and saved set-group-ID
44 of the calling process (and always modifies the filesystem GID
45 to be the same as the effective GID),
46 with the same restrictions for unprivileged processes.
48 On success, zero is returned.
49 On error, \-1 is returned, and
51 is set to indicate the error.
56 can fail even when the caller is UID 0;
57 it is a grave security error to omit checking for a failure return from
62 The call would change the caller's real UID (i.e.,
64 does not match the caller's real UID),
65 but there was a temporary failure allocating the
66 necessary kernel data structures.
70 does not match the caller's real UID and this call would
71 bring the number of processes belonging to the real user ID
76 Since Linux 3.1, this error case no longer occurs
77 (but robust applications should check for this error);
78 see the description of
84 One or more of the target user or group IDs
85 is not valid in this user namespace.
88 The calling process is not privileged (did not have the necessary
89 capability in its user namespace)
90 and tried to change the IDs to values that are not permitted.
93 the necessary capability is
100 These calls are available under Linux since Linux 2.1.44.
102 These calls are nonstandard;
103 they also appear on HP-UX and some of the BSDs.
105 Under HP-UX and FreeBSD, the prototype is found in
107 Under Linux, the prototype is provided by glibc since version 2.3.2.
113 system calls supported only 16-bit user and group IDs.
114 Subsequently, Linux 2.4 added
118 supporting 32-bit IDs.
123 wrapper functions transparently deal with the variations across kernel versions.
125 .SS C library/kernel differences
126 At the kernel level, user IDs and group IDs are a per-thread attribute.
127 However, POSIX requires that all threads in a process
128 share the same credentials.
129 The NPTL threading implementation handles the POSIX requirements by
130 providing wrapper functions for
131 the various system calls that change process UIDs and GIDs.
132 These wrapper functions (including those for
136 employ a signal-based technique to ensure
137 that when one thread changes credentials,
138 all of the other threads in the process also change their credentials.
148 .BR capabilities (7),
150 .BR user_namespaces (7)