setpcred Subroutine

AIX Version 4.3 Base Operating System and Extensions Technical Reference, Volume 2

setpcred Subroutine

Purpose

Sets the current process credentials.

Library

Security Library (libc.a)

Syntax

#include <usersec.h>

int setpcred (User, Credentials)
char **Credentials;
char *User;

Description

The setpcred subroutine sets a process' credentials according to the Credentials parameter. If the User parameter is specified, the credentials defined for the user in the user database are used. If the Credentials parameter is specified, the credentials in this string are used. If both the User and Credentials parameters are specified, both the user's and the supplied credentials are used. However, the supplied credentials of the Credentials parameter will override those of the user. At least one parameter must be specified.

The setpcred subroutine requires the setpenv subroutine to follow it.

Note: If the auditwrite subroutine is to be called from a program invoked from the inittab file, the setpcred subroutine should be called first to establish the process' credentials.

User

Specifies the user for whom credentials are being established.

Credentials

Defines specific credentials to be established. This parameter points to an array of null-terminated character strings that may contain the following values. The last character string must be null.

`LOGIN_USER=%s`	Login user name
`REAL_USER=%s`	Real user name
`REAL_GROUP=%s`	Real group name
`GROUPS=%s`	Supplementary group ID
`AUDIT_CLASSES=%s`	Audit classes
`RLIMIT_CPU=%d`	Process soft CPU limit
`RLIMIT_FSIZE=%d`	Process soft file size
`RLIMIT_DATA=%d`	Process soft data segment size
`RLIMIT_STACK=%d`	Process soft stack segment size
`RLIMIT_CORE=%d`	Process soft core file size
`RLIMIT_RSS=%d`	Process soft resident set size
`RLIMIT_CORE_HARD=%d`	Process hard core file size
`RLIMIT_CPU_HARD=%d`	Process hard CPU limit
`RLIMIT_DATA_HARD=%d`	Process hard data segment size
`RLIMIT_FSIZE_HARD=%d`	Process hard file size
`RLIMIT_RSS_HARD=%d`	Process hard resident set size
`RLIMIT_STACK_HARD=%d`	Process hard stack segment size
`UMASK=%o`	Process umask (file creation mask)

A process must have root user authority to set all credentials except the UMASK credential.

`Resource`	`Hard`	`Soft`
`RLIMIT_CORE`	`unlimited`	`%d`
`RLIMIT_CPU`	`%d`	`%d`
`RLIMIT_DATA`	`unlimited`	`%d`
`RLIMIT_FSIZE`	`%d`	`%d`
`RLIMIT_RSS`	`unlimited`	`%d`
`RLIMIT_STACK`	`unlimited`	`%d`

The soft limit credentials will override the equivalent hard limit credentials that may proceed them. To set the hard limits, the hard limit credentials should follow the soft limit credentials.

Return Values

Upon successful return, the setpcred subroutine returns a value of 0. If setpcred fails, a value of -1 is returned and the errno global variable is set to indicate the error.

Error Codes

The setpcred subroutine fails if one or more of the following are true:

EINVAL	The Credentials parameter contains invalid credentials specifications.
EINVAL	The User parameter is null and the Credentials parameter is either null or points to an empty string.
EPERM	The process does not have the proper authority to set the requested credentials.

Other errors may be set by subroutines invoked by the setpcred subroutine.

Implementation Specifics

This subroutine is part of Base Operating System (BOS) Runtime.

Related Information

The auditwrite subroutine, ckuseracct subroutine, ckuserID subroutine, getpcred subroutine, getpenv subroutine, setpenv subroutine.

List of Security and Auditing Subroutines, Subroutines Overview in AIX Version 4.3 General Programming Concepts: Writing and Debugging Programs.