Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

setprivgrp(1m) [hpux man page]

setprivgrp(1M)															    setprivgrp(1M)

NAME

       setprivgrp - set special privileges for groups

SYNOPSIS

       groupname [privileges]

       [privileges]

       [privileges]

       file

DESCRIPTION

       The  command associates a group with a list of privileges, thus providing access to certain system capabilities for members of a particular
       group or groups.  The privileges can be displayed with the command (see getprivgrp(1)).

       Privileges can be granted to individual groups, as defined in the file, and globally for all groups.

       Only a superuser can use the command.

   Options and Arguments
       recognizes the following options and arguments:

	      privileges     One or more of the keywords described below in

	      groupname      The name of a group defined in the file named The current privileges for groupname, if any, are replaced by the spec-
			     ified privileges.	To retain prior privileges, they must be respecified.

	      Specify global privileges that apply to all groups.
			     The  current  privileges,	if any, are replaced by the specified privileges, To retain prior privileges, they must be
			     respecified.

	      If no	     privileges are specified, delete all privileges for all groups, including global privileges.

			     If one or more privileges are specified, delete the specified privileges from the	current  privilege  lists  of  all
			     groups, including the global privilege list, but do not delete unspecified privileges.

	      Set the privileges according to entries in the file
			     file.  This file is usually The entry formats are described below in

   Privileged Capabilities
       The following system capabilities can be granted to groups:

	      Can use	     to change file ownerships (see chown(2)).

	      Can use	     to set locks on files that are open for reading only (see lockf(2)).

	      Can use	     to  lock  process	text  and data into memory, and the function to lock shared memory segments (see plock(2) and shm-
			     ctl(2)).

	      Can use	     to set real-time priorities (see rtprio(2)).

	      Can use	     and to set POSIX.4 real-time priorities (see rtsched(2)).

	      Can use	     to force the target process to run serially with other processes that are also marked by this system call (see  seri-
			     alize(2)).

	      Can use	     and to change, respectively, the real user ID and real group ID of a process (see setuid(2) and setgid(2)).

	      Allows certain administrative operations in the Process
			     Resource Manager (PRM) product.  See that product's documentation for more information.

	      Allows certain administrative operations in the Instant
			     Capacity (iCAP) product.  See that product's documentation for more information.

	      Can change system pset configuration (see
			     pset_create(2)).

	      Can use	     to change processor binding, locality domain binding or launch policy of a process (see mpctl(2)).

   Group Privileges File Format
       The file specified with the option should contain one or more lines in the following formats:

	      groupname [privileges]

	       [privileges]

	       [privileges]

       They are described above in "Options and Arguments".

RETURN VALUE

       exits with one of the following values:

	      Successful completion.
	      Failure.

AUTHOR

       was developed by HP.

FILES

       SEE ALSO
	      getprivgrp(1),  chown(2),  getprivgrp(2),  lockf(2), plock(2), rtprio(2), rtsched(2), serialize(2), setgid(2), setuid(2), shmctl(2),
	      mpctl(2), pset_create(2), privgrp(4).

																    setprivgrp(1M)

Check Out this Related Man Page

plock(2)							System Calls Manual							  plock(2)

NAME

       plock() - lock process, text, data, stack, or shared library in memory

SYNOPSIS

DESCRIPTION

       The  system  call allows the calling process to lock the text segment of the process (text lock), its data segment (data lock), or both its
       text and data segment (process lock) into memory.  Stack segments are also locked when data segments are locked.  Shared library  text  and
       shared  library data segments (shlib lock) can also be locked.  Locked segments are immune to all routine swapping.  also allows these seg-
       ments to be unlocked.

       The effective user ID of the calling process must be a user with the privilege.

       op must be one of the following:

	      Lock text and data segments into memory (process lock)

	      Lock text segment into memory (text lock)

	      Lock data segment into memory (data lock)

	      Remove locks

	      Lock shared library text and shared library data segments (shared library lock)

	      Lock text, data and shared library text and shared library data segments
				  into memory (process and shared library lock)

	      Lock text, shared library text and shared library data segments into memory
				  (text and shared library lock)

	      Lock data, shared library text and shared library data segments into memory
				  (data and shared library lock)

	      Although and the family of functions may be used together in an application, each may affect the other  in  unexpected  ways.   This
	      practice is not recommended.

   Security Restrictions
       Some  or  all of the actions associated with this system call require the privilege.  Processes owned by the superuser have this privilege.
       Processes owned by other users may have this privilege, depending on system configuration.  See privileges(5) for  more	information  about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       returns the following values:

	      Successful completion.
	      Failure.
		     The requested operation is not performed.	is set to indicate the error.

ERRORS

       If fails, is set to one of the following values.

	      op	     is equal to and a process lock, a text lock, or a data lock already exists on the calling process.

	      op	     is equal to and a text lock or process lock already exists on the calling process.

	      op	     is equal to and a data lock, or process lock already exists on the calling process.

	      op	     is equal to and no type of lock exists on the calling process.

	      op	     is equal to and there are no unlocked shared library segments in the calling process.

	      op	     is equal to and a process lock, a text lock, or a data lock already exists on the calling process.

	      op	     is equal to and a text lock or process lock already exists on the calling process.

	      op	     is equal to and a data lock, or process lock already exists on the calling process.

	      op	     is not equal to one of the values specified in

	      is not allowed in a
			     window.  See vfork(2).

	      There is not enough lockable memory in the system
			     to satisfy the locking request.

	      The effective user ID of the calling process
			     is not a user with the privilege.

EXAMPLES

       The following call to locks the calling process in memory:

SEE ALSO

       setprivgrp(1M), exec(2), exit(2), fork(2), getprivgrp(2), mlock(2), vfork(2), privileges(5).

STANDARDS CONFORMANCE

																	  plock(2)
Man Page