set_ids_from_arg()

QNX SDP8.0QNX OS System Security GuideAPIConfiguration

Change the caller's identifiers based on a given string

Synopsis:

#include <secpol/ids.h>
int set_ids_from_arg(const char *arg)

Arguments:

arg
The formatted string containing the ID information.

Library:

libsecpol

Description:

The set_ids_from_arg() function sets the returned user ID, group ID, and supplementary group IDs.

This function doesn't support negative IDs.

The arg string format can take one of the following two forms:
  • UID
    uid:gid,sgid1,sgid2,sgid3,... 
    
    All IDs must be numbers. The UID and GID are separated by a colon. The GID can be followed by a comma-separated list of supplementary group IDs. If the GID is not specified, the GID of the calling process is returned. The supplementary GIDs are also optional. *
  • Username
    username,sgid1,sgid2,sgid3,... 
    
    The username must be a valid username defined in /etc/passwd; otherwise, the function errors out with EINVAL. The supplementary GIDs are optional and must be a comma-separated list of numbers. The GID is looked up in /etc/passwd. The supplementary GIDs returned are a union of the supplementary GIDs in /etc/group for the given username and the GIDs parsed from arg.

See also get_ids_from_arg().

Returns:

EOK on success; on failure, -1 and errno is set to one of the following values:
  • EINVAL - The argument is in an invalid format or references a non-existent username.
  • ERANGE - An ID in the argument is larger than the uid_t or gid_t data type supports.
  • E2BIG - The system can't support the number of supplementary GIDs specified in the argument.
  • EPERM - The calling process does not have the required permissions to set IDs.
Page updated: