Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

setprivgrp(1m) [hpux man page]

setprivgrp(1M)															    setprivgrp(1M)

NAME

       setprivgrp - set special privileges for groups

SYNOPSIS

       groupname [privileges]

       [privileges]

       [privileges]

       file

DESCRIPTION

       The  command associates a group with a list of privileges, thus providing access to certain system capabilities for members of a particular
       group or groups.  The privileges can be displayed with the command (see getprivgrp(1)).

       Privileges can be granted to individual groups, as defined in the file, and globally for all groups.

       Only a superuser can use the command.

   Options and Arguments
       recognizes the following options and arguments:

	      privileges     One or more of the keywords described below in

	      groupname      The name of a group defined in the file named The current privileges for groupname, if any, are replaced by the spec-
			     ified privileges.	To retain prior privileges, they must be respecified.

	      Specify global privileges that apply to all groups.
			     The  current  privileges,	if any, are replaced by the specified privileges, To retain prior privileges, they must be
			     respecified.

	      If no	     privileges are specified, delete all privileges for all groups, including global privileges.

			     If one or more privileges are specified, delete the specified privileges from the	current  privilege  lists  of  all
			     groups, including the global privilege list, but do not delete unspecified privileges.

	      Set the privileges according to entries in the file
			     file.  This file is usually The entry formats are described below in

   Privileged Capabilities
       The following system capabilities can be granted to groups:

	      Can use	     to change file ownerships (see chown(2)).

	      Can use	     to set locks on files that are open for reading only (see lockf(2)).

	      Can use	     to  lock  process	text  and data into memory, and the function to lock shared memory segments (see plock(2) and shm-
			     ctl(2)).

	      Can use	     to set real-time priorities (see rtprio(2)).

	      Can use	     and to set POSIX.4 real-time priorities (see rtsched(2)).

	      Can use	     to force the target process to run serially with other processes that are also marked by this system call (see  seri-
			     alize(2)).

	      Can use	     and to change, respectively, the real user ID and real group ID of a process (see setuid(2) and setgid(2)).

	      Allows certain administrative operations in the Process
			     Resource Manager (PRM) product.  See that product's documentation for more information.

	      Allows certain administrative operations in the Instant
			     Capacity (iCAP) product.  See that product's documentation for more information.

	      Can change system pset configuration (see
			     pset_create(2)).

	      Can use	     to change processor binding, locality domain binding or launch policy of a process (see mpctl(2)).

   Group Privileges File Format
       The file specified with the option should contain one or more lines in the following formats:

	      groupname [privileges]

	       [privileges]

	       [privileges]

       They are described above in "Options and Arguments".

RETURN VALUE

       exits with one of the following values:

	      Successful completion.
	      Failure.

AUTHOR

       was developed by HP.

FILES

       SEE ALSO
	      getprivgrp(1),  chown(2),  getprivgrp(2),  lockf(2), plock(2), rtprio(2), rtsched(2), serialize(2), setgid(2), setuid(2), shmctl(2),
	      mpctl(2), pset_create(2), privgrp(4).

																    setprivgrp(1M)

Check Out this Related Man Page

privgrp(5)							File Formats Manual							privgrp(5)

NAME

       privgrp - HP-UX group privileges

DESCRIPTION

       HP-UX  allows  subletting of limited superuser-like privileges to all users or to members of a particular group or groups.  This capability
       is deprecated and only existing applications should use it.  The newer fine-grained privilege facilities described in privileges(5)  should
       be used by new applications.

       The header defines the following symbolic privilege names: and

       All  but  one of the group privileges are supported as fine-grained privileges and described in privileges(5).  The one group privilege not
       supported as a fine-grained privilege is:

	      Permits the use of the
			     and system calls for changing respectively the real user ID and real group ID of a  process  (see	setuid(2)).   This
			     behavior  of  is  deprecated  and	only legacy applications should use it.  Newer applications should use and respec-
			     tively, to achieve the same effect.  (No special privileges required.)

       The header defines two additional symbolic constants:

	      defines the maximum number of groups with special privileges.
			     Of this maximum, one is reserved for global privileges (granted to all processes) and the remainder can  be  assigned
			     to actual group IDs.

	      defines the size of the multi-word mask used
			     in defining privileges associated with a group ID.

       The and commands and the and system calls may be used to define and query the privilege group associations.

       The group privileges are automatically initialized from the contents of (see privgrp(4)) at boot time.

WARNINGS

       This mechanism is deprecated and only legacy applications should use it.  See privileges(5) for a description of fine-grained privileges.

SEE ALSO

       getprivgrp(1),  setprivgrp(1M), chown(2), getprivgrp(2), lockf(2), mpctl(2), plock(2), pset_create(2), rtprio(2), rtsched(2), serialize(2),
       setgid(2), setuid(2), shmctl(2), privgrp(4), privileges(5).

																	privgrp(5)
Man Page