User Commands                                            ppriv(1)

NAME
     ppriv - inspect or modify process privilege sets and attributes

SYNOPSIS
     /usr/bin/ppriv -e [-D | -N] [-M] [-s spec] command [arg]...

     /usr/bin/ppriv [-v] [-S] [-D | -N] [-s spec] [pid | core]...

     /usr/bin/ppriv -l [-v] [privilege-specification]...
DESCRIPTION
     The first invocation of the ppriv command runs the command
     specified with the privilege sets and flags modified according
     to the arguments on the command line.

     The second invocation examines or changes the privilege state
     of running processes and core files.

     The third invocation lists the privileges defined and
     information about specified privileges or privilege set
     specifications.

OPTIONS
     The following options are supported:

     -D        Turns on privilege debugging for the processes or
               command supplied.

     -e        Interprets the remainder of the arguments as a
               command line and runs the command line with the
               specified privilege attributes and sets.

     -l        Lists all currently defined privileges on stdout.

     -M        When a system is configured with Trusted Extensions,
               this option turns on the NET_MAC_AWARE and
               NET_MAC_AWARE_INHERIT process attributes. A process
               with these attributes and the net_mac_aware
               privilege can communicate with lower-level remote
               peers.
SunOS 5.11 Last change: 24 Feb 2008 1
     -N        Turns off privilege debugging for the processes or
               command supplied.

     -s spec   Modifies a process's privilege sets according to
               spec, a specification with the format
               [AEILP][+-=]privsetspec, containing no spaces,
               where:

               AEILP        Indicates one or more letters
                            indicating which privilege sets to
                            change. These are case insensitive;
                            for example, either a or A indicates
                            all privilege sets.

               +-=          Indicates a modifier to respectively
                            add (+), remove (-), or assign (=) the
                            listed privileges to the specified
                            set(s) in privsetspec.

               privsetspec  Indicates a comma-separated privilege
                            set specification (priv1,priv2, and so
                            on), as described in
                            priv_str_to_set(3C).

               Modifying the same set with multiple -s options is
               possible as long as there is either precisely one
               assignment to an individual set or any number of
               additions and removals. That is, assignment and
               addition or removal for one set are mutually
               exclusive.

     -S        Short. Reports the shortest possible output strings
               for sets. The default is portable output. See
               priv_str_to_set(3C).

     -v        Verbose. Reports privilege sets using privilege
               names.

USAGE
     The ppriv utility examines processes and core files and prints
     or changes their privilege sets.

     ppriv can run commands with privilege debugging on or off or
     with fewer privileges than the invoking process.
     When executing a sub process, the only sets that can be
     modified are L and I. Privileges can only be removed from L
     and I as ppriv starts with P=E=I.
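     As an added example (not code from the ppriv man page), the
     following POSIX shell functions check a list of -s specs before
     they are handed to ppriv: against the [AEILP][+-=]privsetspec
     grammar given under OPTIONS, against the rule that assignment and
     addition or removal for one set are mutually exclusive, and
     against the restriction just stated that with -e only I and L can
     be modified and only by removal. The function names, and the
     choice to reject an A spec under -e because A also covers E and P,
     are this example's assumptions. Only the token shape is checked;
     whether a privilege name actually exists is left to ppriv -l and
     priv_str_to_set(3C).

```shell
#!/bin/sh
# Added example, not from the ppriv(1) man page. Function names and the
# sample specs at the bottom are constructed for illustration.

# validate_spec SPEC: print "SETS OP PRIVS" (set letters upper-cased) or
# return 1 with a message on stderr.
validate_spec() {
    spec=$1
    case "$spec" in
        ''|*[!A-Za-z0-9_,!+=-]*)
            echo "bad spec '$spec': spaces or characters outside the grammar" >&2
            return 1 ;;
    esac
    # one or more set letters from AEILP (either case), then + - or =
    sets=$(printf '%s\n' "$spec" | sed -n 's/^\([AEILPaeilp]\{1,\}\)[-+=].*$/\1/p')
    if [ -z "$sets" ]; then
        echo "bad spec '$spec': expected set letters from AEILP then + - or =" >&2
        return 1
    fi
    rest=${spec#"$sets"}
    op=${rest%"${rest#?}"}          # first character of the remainder
    privs=${rest#?}
    if [ -z "$privs" ]; then
        echo "bad spec '$spec': empty privilege list" >&2
        return 1
    fi
    case "$privs" in
        ,*|*,|*,,*)
            echo "bad spec '$spec': empty item in privilege list" >&2
            return 1 ;;
    esac
    old_ifs=$IFS; IFS=,
    for item in $privs; do
        name=${item#!}              # a leading ! negates a privilege
        case "$name" in
            ''|*[!A-Za-z0-9_]*)
                IFS=$old_ifs
                echo "bad spec '$spec': malformed privilege '$item'" >&2
                return 1 ;;
        esac
    done
    IFS=$old_ifs
    printf '%s %s %s\n' "$(printf '%s' "$sets" | tr '[:lower:]' '[:upper:]')" "$op" "$privs"
}

# check_specs SPEC...: enforce "assignment and addition or removal for one
# set are mutually exclusive". An A spec is expanded to E, I, L and P.
check_specs() {
    assigned=''; changed=''
    for spec in "$@"; do
        parsed=$(validate_spec "$spec") || return 1
        sets=${parsed%% *}
        rest=${parsed#* }
        op=${rest%% *}
        case "$sets" in *A*) sets=EILP ;; esac
        while [ -n "$sets" ]; do
            s=${sets%"${sets#?}"}; sets=${sets#?}   # peel off one set letter
            if [ "$op" = '=' ]; then
                case "$assigned$changed" in
                    *"$s"*)
                        echo "conflict: set $s already modified, cannot also assign ($spec)" >&2
                        return 1 ;;
                esac
                assigned=$assigned$s
            else
                case "$assigned" in
                    *"$s"*)
                        echo "conflict: set $s already assigned, cannot add or remove ($spec)" >&2
                        return 1 ;;
                esac
                changed=$changed$s
            fi
        done
    done
    return 0
}

# check_exec_specs SPEC...: with -e, only I and L may be modified and only
# by removal, because ppriv starts the command with P=E=I.
check_exec_specs() {
    check_specs "$@" || return 1
    for spec in "$@"; do
        parsed=$(validate_spec "$spec")
        sets=${parsed%% *}
        rest=${parsed#* }
        op=${rest%% *}
        case "$sets" in
            *[!IL]*)
                echo "ppriv -e: only I and L can be modified, got sets $sets ($spec)" >&2
                return 1 ;;
        esac
        if [ "$op" != '-' ]; then
            echo "ppriv -e: privileges can only be removed from I and L ($spec)" >&2
            return 1
        fi
    done
    return 0
}

# demonstration with constructed specs
check_exec_specs 'I-proc_session' 'L-sys_nfs,proc_fork' && echo 'specs acceptable for ppriv -e'
check_specs 'E=basic' 'E-proc_fork' || echo 'rejected: assignment mixed with removal on E'
```

     A wrapper script would run check_exec_specs on its -s arguments
     and refuse to invoke ppriv -e when they fail, so a typo in the
     spec is reported before any command is started.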
     ppriv can also be used to remove privileges from processes or
     to convey privileges to other processes. In order to control a
     process, the effective set of the ppriv utility must be a
     superset of the controlled process's E, I, and P. The
     utility's limit set must be a superset of the target's limit
     set. If the target's process uids do not match, the
     {PRIV_PROC_OWNER} privilege must be asserted in the utility's
     effective set. If the controlled processes have any uid with
     the value 0, more restrictions might exist. See privileges(5).

EXAMPLES
     Example 1 Obtaining the Process Privileges of the Current
     Shell

     The following example obtains the process privileges of the
     current shell:

       example$ ppriv $$
       387: -sh
       flags =
               E: basic
               I: basic
               P: basic
               L: all

     Example 2 Removing a Privilege From Your Shell's Inheritable
     and Effective Set

     The following example removes a privilege from your shell's
     inheritable and effective set.

       example$ ppriv -s EI-proc_session $$
     The subprocess can still inspect the parent shell but it can
     no longer influence the parent because the parent has more
     privileges in its Permitted set than the ppriv child process:

       example$ truss -p $$
       truss: permission denied: 387
       example$ ppriv $$
       387: -sh
       flags =
               E: basic,!proc_session
               I: basic,!proc_session
               P: basic
               L: all

     Example 3 Running a Process with Privilege Debugging

     The following example runs a process with privilege
     debugging:

       example$ ppriv -e -D cat /etc/shadow
       cat[418]: missing privilege "file_dac_read" (euid = 21782),
       needed at ufs_access+0x3c
       cat: cannot open /etc/shadow

     The privilege debugging error messages are sent to the
     controlling terminal of the current process. The needed at
     address specification is an artifact of the kernel
     implementation and it can be changed at any time after a
     software update. The system call number can be mapped to a
     system call using /etc/name_to_sysnum.
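     The messages in Example 3 are the raw material for working out
     which privileges a program actually needs. The following is an
     added example, not code from the man page: it summarises a
     captured privilege-debugging log into one line per program and
     missing privilege, plus the distinct privilege names in a form
     that can be pasted into a privilege set specification. The log
     lines below are constructed, as are the function names. Only the
     quoted privilege name is parsed; the "needed at" address is
     deliberately ignored because, as stated above, it is an unstable
     kernel artifact.

```shell
#!/bin/sh
# Added example, not from the ppriv(1) man page. SAMPLE_LOG is a constructed
# transcript in the message format shown in Example 3.

SAMPLE_LOG='cat[418]: missing privilege "file_dac_read" (euid = 21782), needed at ufs_access+0x3c
cat: cannot open /etc/shadow
myd[512]: missing privilege "net_privaddr" (euid = 21782), needed at tcp_bind+0x1a
myd[512]: missing privilege "net_privaddr" (euid = 21782), needed at tcp_bind+0x1a
myd[512]: missing privilege "proc_fork" (euid = 21782), needed at cfork+0x8'

# priv_report: read debug lines on stdin and print "program privilege count",
# one line per (program, privilege) pair, sorted by program then privilege.
# Lines that are not "missing privilege" messages are ignored.
priv_report() {
    sed -n 's/^\([^[]*\)\[[0-9]*\]: missing privilege "\([^"]*\)".*$/\1 \2/p' |
        sort | uniq -c |
        awk '{ print $2, $3, $1 }'
}

# needed_privs: the distinct privileges reported missing anywhere in the
# log, sorted and comma-separated, ready for a privsetspec.
needed_privs() {
    sed -n 's/^.*missing privilege "\([^"]*\)".*$/\1/p' |
        sort -u | tr '\n' ',' | sed 's/,$//'
}

# demonstration on the constructed log
printf '%s\n' "$SAMPLE_LOG" | priv_report
printf '%s\n' "$SAMPLE_LOG" | needed_privs
echo
```

     Running a service once under ppriv -e -D and feeding its
     terminal output through priv_report gives a per-program list of
     the privileges it lacked, which is the starting point for
     deciding what its final privilege sets should contain.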
     Example 4 Listing the Privileges Available in the Current Zone

     The following example lists the privileges available in the
     current zone (see zones(5)). When run in the global zone, all
     defined privileges are listed.

       example$ ppriv -l zone
       ... listing of all privileges elided ...
     Example 5 Examining a Privilege Aware Process

     The following example examines a privilege aware process:

       example$ ppriv -S `pgrep rpcbind`
       928: /usr/sbin/rpcbind
       flags = PRIV_AWARE
               E: net_privaddr,proc_fork,sys_nfs
               I: none
               P: net_privaddr,proc_fork,sys_nfs
               L: none

     See setpflags(2) for explanations of the flags.

EXIT STATUS
     The following exit values are returned:

     0         Successful operation.

     non-zero  An error has occurred.

FILES
     /proc/*               Process files

     /etc/name_to_sysnum   system call name to number mapping
ATTRIBUTES
     See attributes(5) for descriptions of the following
     attributes:

     ________________________________________________________________
    |       ATTRIBUTE TYPE        |         ATTRIBUTE VALUE         |
    |_____________________________|_________________________________|
    | Availability                | system/extended-system-utilities|
    |_____________________________|_________________________________|
    | Interface Stability         | See below.                      |
    |_____________________________|_________________________________|

     The invocation is Committed. The output is Uncommitted.

SEE ALSO
     gcore(1), truss(1), setpflags(2), priv_str_to_set(3C),
     proc(4), attributes(5), privileges(5), zones(5)