diff options
| author | Alejandro Colomar <alx@kernel.org> | 2024-04-26 15:06:49 +0200 |
|---|---|---|
| committer | Alejandro Colomar <alx@kernel.org> | 2024-05-02 01:24:19 +0200 |
| commit | dcde2f70372b49ec43efc5db864c9ff585d0a2dd (patch) | |
| tree | 78b9b7425130e4a5858e4c01a524d802423879ed /man/man2/seteuid.2 | |
| parent | 12aca537ce78a41bbcdaf485209691e10f8002d7 (diff) | |
| download | man-pages-dcde2f70372b49ec43efc5db864c9ff585d0a2dd.tar.gz | |
man/, share/mk/: Move man*/ to man/
This is a scripted change:
$ mkdir man/;
$ mv man* man/;
$ ln -st . man/man*;
$ find share/mk/ -type f \
| xargs grep -l '^MANDIR *:=' \
| xargs sed -i '/^MANDIR *:=/s,$,/man,';
$ find share/mk/dist/ -type f \
| xargs grep -l man \
| xargs sed -i 's,man%,man/%,g';
Link: <https://lore.kernel.org/linux-man/YxcV4h+Xn7cd6+q2@pevik/T/>
Cc: Petr Vorel <pvorel@suse.cz>
Cc: Jakub Wilk <jwilk@jwilk.net>
Cc: Stefan Puiu <stefan.puiu@gmail.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Diffstat (limited to 'man/man2/seteuid.2')
| -rw-r--r-- | man/man2/seteuid.2 | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/man/man2/seteuid.2 b/man/man2/seteuid.2 new file mode 100644 index 0000000000..0eae04f79f --- /dev/null +++ b/man/man2/seteuid.2 @@ -0,0 +1,134 @@ +.\" Copyright (C) 2001 Andries Brouwer (aeb@cwi.nl) +.\" +.\" SPDX-License-Identifier: Linux-man-pages-copyleft +.\" +.\" [should really be seteuid.3] +.\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com> +.\" Added notes on capability requirements +.\" +.TH seteuid 2 (date) "Linux man-pages (unreleased)" +.SH NAME +seteuid, setegid \- set effective user or group ID +.SH LIBRARY +Standard C library +.RI ( libc ", " \-lc ) +.SH SYNOPSIS +.nf +.B #include <unistd.h> +.P +.BI "int seteuid(uid_t " euid ); +.BI "int setegid(gid_t " egid ); +.fi +.P +.RS -4 +Feature Test Macro Requirements for glibc (see +.BR feature_test_macros (7)): +.RE +.P +.BR seteuid (), +.BR setegid (): +.nf + _POSIX_C_SOURCE >= 200112L + || /* glibc <= 2.19: */ _BSD_SOURCE +.fi +.SH DESCRIPTION +.BR seteuid () +sets the effective user ID of the calling process. +Unprivileged processes may only set the effective user ID to the +real user ID, the effective user ID or the saved set-user-ID. +.P +Precisely the same holds for +.BR setegid () +with "group" instead of "user". +.\" When +.\" .I euid +.\" equals \-1, nothing is changed. +.\" (This is an artifact of the implementation in glibc of seteuid() +.\" using setresuid(2).) +.SH RETURN VALUE +On success, zero is returned. +On error, \-1 is returned, and +.I errno +is set to indicate the error. +.P +.IR Note : +there are cases where +.BR seteuid () +can fail even when the caller is UID 0; +it is a grave security error to omit checking for a failure return from +.BR seteuid (). +.SH ERRORS +.TP +.B EINVAL +The target user or group ID is not valid in this user namespace. +.TP +.B EPERM +In the case of +.BR seteuid (): +the calling process is not privileged (does not have the +.B CAP_SETUID +capability in its user namespace) and +.I euid +does not match the current real user ID, current effective user ID, +or current saved set-user-ID. +.IP +In the case of +.BR setegid (): +the calling process is not privileged (does not have the +.B CAP_SETGID +capability in its user namespace) and +.I egid +does not match the current real group ID, current effective group ID, +or current saved set-group-ID. +.SH VERSIONS +Setting the effective user (group) ID to the +saved set-user-ID (saved set-group-ID) is +possible since Linux 1.1.37 (1.1.38). +On an arbitrary system one should check +.BR _POSIX_SAVED_IDS . +.P +Under glibc 2.0, +.BI seteuid( euid ) +is equivalent to +.BI setreuid(\-1, " euid" ) +and hence may change the saved set-user-ID. +Under glibc 2.1 and later, it is equivalent to +.BI setresuid(\-1, " euid" ", \-1)" +and hence does not change the saved set-user-ID. +Analogous remarks hold for +.BR setegid (), +with the difference that the change in implementation from +.BI setregid(\-1, " egid" ) +to +.BI setresgid(\-1, " egid" ", \-1)" +occurred in glibc 2.2 or 2.3 (depending on the hardware architecture). +.P +According to POSIX.1, +.BR seteuid () +.RB ( setegid ()) +need not permit +.I euid +.RI ( egid ) +to be the same value as the current effective user (group) ID, +and some implementations do not permit this. +.SS C library/kernel differences +On Linux, +.BR seteuid () +and +.BR setegid () +are implemented as library functions that call, respectively, +.BR setresuid (2) +and +.BR setresgid (2). +.SH STANDARDS +POSIX.1-2008. +.SH HISTORY +POSIX.1-2001, 4.3BSD. +.SH SEE ALSO +.BR geteuid (2), +.BR setresuid (2), +.BR setreuid (2), +.BR setuid (2), +.BR capabilities (7), +.BR credentials (7), +.BR user_namespaces (7) |