aboutsummaryrefslogtreecommitdiff
path: root/lib/libsys/setgroups.2
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libsys/setgroups.2')
-rw-r--r--lib/libsys/setgroups.2101
1 files changed, 101 insertions, 0 deletions
diff --git a/lib/libsys/setgroups.2 b/lib/libsys/setgroups.2
new file mode 100644
index 000000000000..a226aeafea96
--- /dev/null
+++ b/lib/libsys/setgroups.2
@@ -0,0 +1,101 @@
+.\" Copyright (c) 1983, 1991, 1993, 1994
+.\" The Regents of the University of California. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.Dd January 19, 2018
+.Dt SETGROUPS 2
+.Os
+.Sh NAME
+.Nm setgroups
+.Nd set group access list
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/param.h
+.In unistd.h
+.Ft int
+.Fn setgroups "int ngroups" "const gid_t *gidset"
+.Sh DESCRIPTION
+The
+.Fn setgroups
+system call
+sets the group access list of the current user process
+according to the array
+.Fa gidset .
+The
+.Fa ngroups
+argument
+indicates the number of entries in the array and must be no
+more than
+.Dv {NGROUPS_MAX}+1 .
+.Pp
+Only the super-user may set a new group list.
+.Pp
+The first entry of the group array
+.Pq Va gidset[0]
+is used as the effective group-ID for the process.
+This entry is over-written when a setgid program is run.
+To avoid losing access to the privileges of the
+.Va gidset[0]
+entry, it should be duplicated later in the group array.
+By convention,
+this happens because the group value indicated
+in the password file also appears in
+.Pa /etc/group .
+The group value in the password file is placed in
+.Va gidset[0]
+and that value then gets added a second time when the
+.Pa /etc/group
+file is scanned to create the group set.
+.Sh RETURN VALUES
+.Rv -std setgroups
+.Sh ERRORS
+The
+.Fn setgroups
+system call will fail if:
+.Bl -tag -width Er
+.It Bq Er EPERM
+The caller is not the super-user.
+.It Bq Er EINVAL
+The number specified in the
+.Fa ngroups
+argument is larger than the
+.Dv {NGROUPS_MAX}+1
+limit.
+.It Bq Er EFAULT
+The address specified for
+.Fa gidset
+is outside the process
+address space.
+.El
+.Sh SEE ALSO
+.Xr getgroups 2 ,
+.Xr initgroups 3
+.Sh HISTORY
+The
+.Fn setgroups
+system call appeared in
+.Bx 4.2 .
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 16:16:26 +0000