Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sia_get_groups(3) [osf1 man page]

sia_get_groups(3)					     Library Functions Manual						 sia_get_groups(3)

sia_get_groups - retrieve user's group information for SIA (Security Integration Architecture) LIBRARY
Standard C library ( and libc.a) SYNOPSIS
#include <sia.h> #include <siad.h> int sia_get_groups( const char *username gid_t basegid gid_t *buffer int *ngroups) PARAMETERS
The name of the user whose group information should be written to the buffer array. This parameter is read only. If not ((gid_t)-1), this GID will appear in the buffer array in addition to any other groups found for this user. This is normally used to pass the user's GID from the password information, since the GID is not necessarily listed in the group information obtained with getgrent(). The array into which this routine writes the accumulated GIDs for the specified user. On input, this parameter points to an integer that represents the maximum number of entries allowed for the buffer array. When this routine returns, it updates this value to be the number of entries which were found. On failure, the value is indeterminate. DESCRIPTION
The sia_get_groups() routine is called to obtain a user's group array. EXAMPLES
A typical call to obtain a user's group array follows: #include <sia.h> int ngroups; gid_t groups[NGROUPS]; struct passwd *pw; extern char *username; pw = getpwnam(username); if (pw == NULL) return 0; ngroups = NGROUPS; if (sia_get_groups(username, pw->pw_gid, groups, &ngroups) != SIASUCCESS) return 0; /* process group array here */ RETURN VALUES
This routine returns SIA_SUCCESS if all the incoming arguments are correct (non-null pointers, non-null username, and *ngroups must be pos- itive), and if none of the configured mechanism functions for group processing returned a fatal error. Finding more than *ngroups GIDs for the user is one such fatal error, and is the only one defined for all mechanisms. If a fatal error is encountered in one of the configured mechanisms, this routine returns SIAFAIL|SIASTOP. If there are parameter errors, or if a getgrent_r call fails, this routine returns SIAFAIL. ERRORS
While errno will usually be propagated from whatever other calls failed, this routine will return with errno explicitly set for the follow- ing conditions: One of the pointer arguments was NULL. *username was 0, or *ngroups was not positive. Thread context failure while scan- ning for groups. FILES
/etc/sia/matrix.conf RELATED INFORMATION
getgrent(3), matrix.conf(4), initgroups(3), siad_get_groups(3) _sia_isagroup(3) Security delim off sia_get_groups(3)

Check Out this Related Man Page

siad_get_groups(3)					     Library Functions Manual						siad_get_groups(3)

siad_get_groups - mechanism-specific routine called from sia_get_groups to fill in a user's supplementary groups for SIA (Security Inte- gration Architecture) LIBRARY
Standard C library ( and libc.a) SYNOPSIS
#include <sia.h> #include <siad.h> int siad_get_groups( struct sia_context *context const char *username gid_t *buffer int *ngroups int maxgroups) PARAMETERS
A thread-specific allocation context, shared with other group-related calls such as siad_getgrent. The name of the user whose supplemen- tary group list is desired. Pointer to storage for the list of groups. It may already have some entries in it, depending on the incoming value of ngroups. The number of slots in the buffer which are used. Read on input, and updated as groups are added by each mechanism. The maximum number of secondary groups for which buf has storage allocated. It is not an error to have ngroups equal to maxgroups, but if another (unique) group is found beyond that limit, the routine is expected to return SIADFAIL|SIADSTOP to halt any further scan for addi- tional group information. DESCRIPTION
This routine is responsible for ensuring that any group it adds to the list of GIDs found is not a duplicate. __sia_isagroup(3) is pro- vided specifically to make that determination simpler for the mechanism developer. It is not responsible for calling the mechanism-spe- cific siad_setgrent() routine, since sia_get_groups() makes that call. The sia_get_groups() routine will also make the call to the siad_endgrent() routine. This routine, unlike most of the SIA mechanism-dependent routines, is optional. If it is not provided, sia_get_groups() will use the mech- anism's siad_getgrent() routine instead. This routine is provided by mechanisms which have a faster method for finding the groups for a user than doing a simple getgrent() loop. RETURN VALUES
This routine should only return failure as described above or if the mechanism encounters an initialization error that prevents scanning for group information. In particular, it is not an error for a given mechanism to find no groups for a user. This routine returns SIADSUCCESS if group scanning was possible and the group list did not need additional storage. It returns SIAD- FAIL|SIADSTOP if the group list did need more than maxgroups entries. It returns SIADFAIL if the mechanism is unable to scan for groups at all. RELATED INFORMATION
sia_get_groups(3), siad_setgrent(3), siad_getgrent(3), siad_endgrent(3), matrix.conf(4), Security delim off siad_get_groups(3)
Man Page