628a706c96
Approved by: re (bmah) Submitted by: sbahra@hpcl.seas.gwu.edu (via #bsddocs@EFnet) Pointy hat to: rwatson
116 lines
3.6 KiB
Groff
116 lines
3.6 KiB
Groff
.\"
|
|
.\" Copyright (c) 1996 Julian R Elischer
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" This code is derived from software contributed by Kenneth Stailey.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. The name of the author may not be used to endorse or promote products
|
|
.\" derived from this software without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
|
.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" $FreeBSD$
|
|
.\"
|
|
.Dd August 30, 2007
|
|
.Dt SUSER 9
|
|
.Os
|
|
.Sh NAME
|
|
.Nm suser ,
|
|
.Nm suser_cred
|
|
.Nd check if credentials have superuser privileges
|
|
.Sh SYNOPSIS
|
|
.In sys/priv.h
|
|
.Ft int
|
|
.Fn suser "struct thread *td"
|
|
.Ft int
|
|
.Fn suser_cred "struct ucred *cred" "int flag"
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Fn suser
|
|
and
|
|
.Fn suser_cred
|
|
functions check if the credentials given include superuser powers.
|
|
.Pp
|
|
These interfaces have now been obsoleted by
|
|
.Xr priv 9 ,
|
|
and are provided only for compatibility with third party kernel modules that
|
|
have not yet been updated to the new interface.
|
|
They should not be used in any new kernel code.
|
|
.Pp
|
|
The
|
|
.Fn suser
|
|
function is the most common, and should be used unless special
|
|
circumstances dictate otherwise.
|
|
.Pp
|
|
The
|
|
.Fn suser_cred
|
|
function should be used when the credentials to be checked are
|
|
not the thread's own, when there is no thread, when superuser
|
|
powers should be extended to imprisoned roots, or when the credential
|
|
to be checked is the real user rather than the effective user.
|
|
.Pp
|
|
Whether or not a privilege is permitted in a
|
|
.Xr jail 8
|
|
depends on logic in
|
|
.Fn prison_priv_check .
|
|
.Pp
|
|
In general, privileges are assigned based on the effective user ID; in some
|
|
cases, the real user ID may be used.
|
|
.Pp
|
|
The
|
|
.Fa flags
|
|
field is currently unused.
|
|
.Pp
|
|
The
|
|
.Fn suser
|
|
and
|
|
.Fn suser_cred
|
|
functions note the fact that superuser powers have been used in the
|
|
process structure of the process specified.
|
|
Because part of their function is to notice
|
|
whether superuser powers have been used,
|
|
the functions should only be called after other permission
|
|
possibilities have been exhausted.
|
|
.Sh RETURN VALUES
|
|
The
|
|
.Fn suser
|
|
and
|
|
.Fn suser_cred
|
|
functions return 0 if the user has superuser powers and
|
|
.Er EPERM
|
|
otherwise.
|
|
This is the
|
|
.Em reverse logic
|
|
of some other implementations of
|
|
.Fn suser
|
|
in which a TRUE response indicates superuser powers.
|
|
.Sh SEE ALSO
|
|
.Xr chroot 2 ,
|
|
.Xr jail 2 ,
|
|
.Xr priv 9
|
|
.Sh BUGS
|
|
The
|
|
.Fn suser
|
|
and
|
|
.Fn suser_cred
|
|
functions do not, in fact, record that superuser privileges have been
|
|
used, and have not done so since August 2000.
|