Kernel Functions for Drivers priv_policy(9F)
NAME
priv_policy, priv_policy_only, priv_policy_choice - check, report, and audit privileges

SYNOPSIS
#include

int priv_policy(const cred_t *cr, int priv, boolean_t flag,
    int err, const char *msg);

boolean_t priv_policy_only(const cred_t *cr, int priv,
    boolean_t flag);

boolean_t priv_policy_choice(const cred_t *cr, int priv,
    boolean_t flag);

INTERFACE LEVEL
Solaris DDI specific (Solaris DDI).

PARAMETERS
cr      The credential to be checked.

priv    The integer value of the privilege to test.

flag    All zone privileges flag. Set to B_FALSE for most tests or B_TRUE if the operation requires the caller to have all available privileges in the zone.

err     The error code to return.

msg     String that is added to the privilege debugging message if one is generated. NULL if no additional information is needed. Because the function name is included in the output, NULL is usually the best value to pass as a parameter.

DESCRIPTION
These functions aid in privilege checking and privilege debugging.

The priv_policy(), priv_policy_only(), and priv_policy_choice() functions all check whether priv is asserted in the effective set of the credential. The special value PRIV_ALL tests for all privileges.

The priv_policy() function updates the ASU accounting flag and records the privilege used on success in the audit trail if the required privilege was not a basic privilege.

The priv_policy_only() function checks whether a privilege is asserted and has no side effects.

The priv_policy_choice() function behaves like priv_policy_only() but records the successfully used non-basic privileges in the audit trail.

RETURN VALUES
On success, priv_policy() returns 0. On failure it returns its parameter err.

On success, priv_policy_choice() and priv_policy_only() return 1; on failure both return 0.

ERRORS
EINVAL          The flags parameter is invalid, the specified privilege does not exist, or the priv parameter contains invalid characters.

ENOMEM          There is no room to allocate another privilege.

ENAMETOOLONG    An attempt was made to allocate a privilege that was longer than {PRIVNAME_MAX} characters.

CONTEXT
These functions can be called from user, interrupt, or kernel context.

ATTRIBUTES
See attributes(5) for a description of the following attributes:

____________________________________________________________
| ATTRIBUTE TYPE              | ATTRIBUTE VALUE             |
|_____________________________|_____________________________|
| Interface Stability         | Committed                   |
|_____________________________|_____________________________|
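
EXAMPLES
An added sketch, not part of the original manual page or of Solaris source: a userland model of the three functions as described above, showing the opposite return conventions and which calls leave an audit record. The cred_t bitmask, the DEMO_PRIV_* numbers, the audit counter, and the demo_* driver functions are assumptions made so the code compiles outside a kernel.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Userland stand-ins (assumptions) so the sketch compiles outside a kernel. */
typedef enum { B_FALSE, B_TRUE } boolean_t;
typedef struct { uint64_t effective; } cred_t;       /* model: one bit per privilege */
enum { DEMO_PRIV_BASIC = 0, DEMO_PRIV_DEVCFG = 1 };  /* constructed privilege numbers */
#define DEMO_BASIC_SET (1ULL << DEMO_PRIV_BASIC)     /* which privileges count as basic */

static int audit_records;  /* stands in for the audit trail */
/* Pure check of the effective set: no side effects. */
static boolean_t priv_policy_only(const cred_t *cr, int priv, boolean_t flag)
{
    (void)flag;  /* the all-zone-privileges test is not modelled */
    return ((cr->effective >> priv) & 1) ? B_TRUE : B_FALSE;
}

/* Same check, but a successful use of a non-basic privilege is audited. */
static boolean_t priv_policy_choice(const cred_t *cr, int priv, boolean_t flag)
{
    boolean_t ok = priv_policy_only(cr, priv, flag);
    if (ok && !((1ULL << priv) & DEMO_BASIC_SET))
        audit_records++;
    return ok;
}

/* Audited check that returns 0 on success and err on failure. */
static int priv_policy(const cred_t *cr, int priv, boolean_t flag, int err, const char *msg)
{
    (void)msg;  /* debug message and ASU accounting flag are not modelled */
    return priv_policy_choice(cr, priv, flag) ? 0 : err;
}

/* Hypothetical driver path. Enforce with priv_policy(): 0 means allowed. */
int demo_set_config(const cred_t *cr)
{
    int rv = priv_policy(cr, DEMO_PRIV_DEVCFG, B_FALSE, EPERM, NULL);
    if (rv != 0)
        return rv;  /* caller sees the err value that was passed in */
    return 0;       /* the privileged operation would run here */
}

/* Probe with priv_policy_only(): nonzero means held, nothing is audited. */
int demo_visible_fields(const cred_t *cr)
{
    return priv_policy_only(cr, DEMO_PRIV_DEVCFG, B_FALSE) ? 2 : 1;
}
int demo_audit_count(void) { return audit_records; }
```

Treating the result of priv_policy() as a boolean inverts the decision, because its success value is 0 while the other two functions return 1 on success.
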
SEE ALSO
acct(3HEAD), attributes(5), privileges(5)

Writing Device Drivers

SunOS 5.11 Last change: 1 Jul 2010