SCCS-vsn: lib/libc/sys/execve.2 6.10
SCCS-vsn: lib/libc/sys/setuid.2 6.7
SCCS-vsn: lib/libc/sys/sigaction.2 6.6
.\"
.\" %sccs.include.redist.man%
.\"
.\"
.\" %sccs.include.redist.man%
.\"
-.\" @(#)execve.2 6.9 (Berkeley) %G%
+.\" @(#)execve.2 6.10 (Berkeley) %G%
If the set-group-ID mode bit of the new process image file is set,
the effective group ID of the new process image is set to the group ID
of the new process image file.
If the set-group-ID mode bit of the new process image file is set,
the effective group ID of the new process image is set to the group ID
of the new process image file.
+(The effective group ID is the first element of the group list.)
The real user ID, real group ID and
The real user ID, real group ID and
-supplementary group IDs of the new process image remain the same as the calling
+other group IDs of the new process image remain the same as the calling
+After any set-user-ID and set-group-ID processing,
+the effective user ID is recorded as the saved set-user-ID,
+and the effective group ID is recorded as the saved set-group-ID.
+These values may be used in changing the effective IDs later (see
+.XR setuid 2 ) .
.Pp
The new process also inherits the following attributes from
the calling process:
.Pp
The new process also inherits the following attributes from
the calling process:
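Review bot: The cross-reference that closes the added saved-ID paragraph is written `.XR setuid 2 ) .`, but mdoc macro names are case-sensitive and the request is `.Xr` (the setuid.2 change in this same commit writes `.Xr execve 2 ) ;`), so this line will not format as a manual reference. Change it to `.Xr setuid 2 ) .`. Separately, the new parenthetical "(The effective group ID is the first element of the group list.)" and the switch from "supplementary group IDs" to "other group IDs" would be easier to follow if the text said once that the group list holds the effective group ID followed by the other groups.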
.\"
.\" %sccs.include.redist.man%
.\"
.\"
.\" %sccs.include.redist.man%
.\"
-.\" @(#)setuid.2 6.6 (Berkeley) %G%
+.\" @(#)setuid.2 6.7 (Berkeley) %G%
-.Pq Fn setgid
-sets both the real and effective
-user ID (group ID) of the current process
-as specified.
+sets the real and effective
+user IDs and the saved set-user-ID of the current process
+to the specified value.
+The
+.Fn setuid
+function is permitted if the specified ID is equal to the real user ID
+of the process, or if the effective user ID is that of the super user.
+.Pp
+The
+.Fn setgid
+function
+sets the real and effective
+group IDs and the saved set-group-ID of the current process
+to the specified value.
+The
+.Fn setgid
+function is permitted if the specified ID is equal to the real group ID
+of the process, or if the effective user ID is that of the super user.
.Pq Fn setegid
sets the effective user ID (group ID) of the
current process.
.Pq Fn setegid
sets the effective user ID (group ID) of the
current process.
+The effective user ID may be set to the value
+of the real user ID or the saved set-user-ID (see
+.Xr intro 2
+and
+.Xr execve 2 ) ;
+in this way, the effective user ID of a set-user-ID executable
+may be toggled by switching to the real user ID, then re-enabled
+by reverting to the set-user-ID value.
+Similarly, the effective group ID may be set to the value
+of the real group ID or the saved set-user-ID.
.Pp
.Sh RETURN VALUES
Upon success, these functions return 0;
.Pp
.Sh RETURN VALUES
Upon success, these functions return 0;
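Review bot: The last added sentence of the seteuid/setegid paragraph says the effective group ID may be set to "the real group ID or the saved set-user-ID"; this should read "saved set-group-ID", matching the user-ID sentence above it and the execve.2 text in this commit. As written it documents a user ID as a valid argument for setegid. It would also help to say explicitly in the setuid paragraph that, because setuid now sets the saved set-user-ID as well, a set-user-ID program that calls setuid with its (non-super-user) real user ID cannot switch back afterwards, whereas seteuid leaves the saved ID in place for the toggle described here.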
.Sh SEE ALSO
.Xr getuid 2 ,
.Xr getgid 2
.Sh SEE ALSO
.Xr getuid 2 ,
.Xr getgid 2
.Fn setuid
and
.Fn setgid
.Fn setuid
and
.Fn setgid
-syscall appeared in
-.At v6 .
+functions are compliant with the
+.St -p1003.1-88
+specification with
+.Li _POSIX_SAVED_IDS
+not defined.
+The
+.Fn seteuid
+and
+.Fn setegid
+functions are extensions based on the
+.Tn POSIX
+concept of
+.Li _POSIX_SAVED_IDS ,
+and have been proposed for a future revision of the standard.
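Review bot: The statement that setuid and setgid are compliant "with _POSIX_SAVED_IDS not defined" sits oddly beside the DESCRIPTION change in this commit, which says both functions set the saved set-user-ID or saved set-group-ID; add a sentence saying how the two fit together (for example, that the saved IDs exist but setuid and setgid always overwrite them) so a reader does not conclude that the system keeps no saved IDs. This replacement also deletes the only visible history statement ("syscall appeared in .At v6"); if that is still accurate, keep it alongside the new text rather than dropping it.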
.\"
.\" %sccs.include.redist.roff%
.\"
.\"
.\" %sccs.include.redist.roff%
.\"
-.\" @(#)sigaction.2 6.5 (Berkeley) %G%
+.\" @(#)sigaction.2 6.6 (Berkeley) %G%
.Fn sigaction "int sig" "struct sigaction *act" "struct sigaction *oact"
.Sh DESCRIPTION
The system defines a set of signals that may be delivered to a process.
.Fn sigaction "int sig" "struct sigaction *act" "struct sigaction *oact"
.Sh DESCRIPTION
The system defines a set of signals that may be delivered to a process.
-Signal delivery resembles the occurence of a hardware interrupt:
+Signal delivery resembles the occurrence of a hardware interrupt:
the signal is blocked from further occurrence, the current process
context is saved, and a new one is built. A process may specify a
.Em handler
the signal is blocked from further occurrence, the current process
context is saved, and a new one is built. A process may specify a
.Em handler
+.Dv SIG_DFL ,
+the default action for the signal is to discard the signal,
+and if a signal is pending,
+the pending signal is discarded even if the signal is masked.
+If
+.Fa sa_handler
+is set to
.Dv SIG_IGN
current and pending instances
of the signal are ignored and discarded.
.Dv SIG_IGN
current and pending instances
of the signal are ignored and discarded.
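Review bot: In the text added before `.Dv SIG_IGN`, "the default action for the signal is to discard the signal" reads as a statement about every signal rather than as a condition, although only some signals have discard as their default action; reword it along the lines of "and the default action for the signal is to discard the signal, then a pending signal is discarded even if the signal is masked". The added "If sa_handler is set to" also leaves `.Dv SIG_IGN` without the trailing comma that the new `.Dv SIG_DFL ,` line has, so the rendered sentence runs straight into "current and pending instances".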
the system will deliver the signal to the process on a
.Em "signal stack" ,
specified with
the system will deliver the signal to the process on a
.Em "signal stack" ,
specified with
.Pp
If a signal is caught during the system calls listed below,
the call may be forced to terminate
with the error
.Dv EINTR ,
.Pp
If a signal is caught during the system calls listed below,
the call may be forced to terminate
with the error
.Dv EINTR ,
+the call may return with a data transfer shorter than requested,
or the call may be restarted.
Restart of pending calls is requested
by setting the
or the call may be restarted.
Restart of pending calls is requested
by setting the
bit in
.Ar sa_flags .
The affected system calls include
bit in
.Ar sa_flags .
The affected system calls include
.Xr read 2 ,
.Xr write 2 ,
.Xr sendto 2 ,
.Xr read 2 ,
.Xr write 2 ,
.Xr sendto 2 ,
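Review bot: The added outcome "the call may return with a data transfer shorter than requested" is inserted between the EINTR case and the restart case without saying when each of the three applies or how a caller tells them apart. Say under which condition the short transfer happens (for example, once some data has already been transferred) and that it is reported through the return count rather than through errno, so that callers of read, write and sendto know to check the count and continue instead of treating any non-error return as a complete transfer. It should also say whether the restart flag in sa_flags has any effect on that case.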
is not allowed to block
.Dv SIGKILL
or
is not allowed to block
.Dv SIGKILL
or
This is done silently by the system.
.Sh RETURN VALUES
A 0 value indicated that the call succeeded. A \-1 return value
indicates an error occurred and
.Va errno
is set to indicated the reason.
This is done silently by the system.
.Sh RETURN VALUES
A 0 value indicated that the call succeeded. A \-1 return value
indicates an error occurred and
.Va errno
is set to indicated the reason.
+.Sh EXAMPLE
+The handler routine can be declared:
+.Bd -literal -offset indent
+void handler(sig, code, scp)
+int sig, code;
+struct sigcontext *scp;
+.Ed
+.Pp
+Here
+.Fa sig
+is the signal number, into which the hardware faults and traps are
+mapped.
+.Em Code
+is a parameter that is either a constant
+or the code provided by
+the hardware.
+.Fa Scp
+is a pointer to the
+.Fa sigcontext
+structure (defined in
+.Aq Pa signal.h ) ,
+used to restore the context from before the signal.
+.Sh ERRORS
.Fn Sigaction
will fail and no new signal handler will be installed if one
of the following occurs:
.Fn Sigaction
will fail and no new signal handler will be installed if one
of the following occurs:
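Review bot: The EXAMPLE text moved here lost its referents when the VAX wording was trimmed: "a parameter that is either a constant or the code provided by the hardware" no longer says where the constants are listed (the removed version said "as given below"), and "into which the hardware faults and traps are mapped" no longer points to any mapping. Name the header or manual page that defines the codes and the mapping, or drop the two clauses. The new `.Sh ERRORS` header is a good addition; check that the section order (RETURN VALUES, EXAMPLE, ERRORS) matches the other section 2 pages.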
-.Tw Er
-.Tl Bq Er EFAULT
+.Bl -tag -width Er
+.It Bq Er EFAULT
Either
.Fa act
or
.Fa oact
points to memory that is not a valid part of the process
address space.
Either
.Fa act
or
.Fa oact
points to memory that is not a valid part of the process
address space.
.Fa Sig
is not a valid signal number.
.Fa Sig
is not a valid signal number.
An attempt is made to ignore or supply a handler for
An attempt is made to ignore or supply a handler for
.Sh STANDARD
The
.Nm sigaction
.Sh STANDARD
The
.Nm sigaction
.Dv SIGWINCH ,
and
.Dv SIGINFO .
.Dv SIGWINCH ,
and
.Dv SIGINFO .
-Most of those signals are available on most
+Those signals are available on most
.Tn BSD Ns \-derived
systems.
.Sh SEE ALSO
.Tn BSD Ns \-derived
systems.
.Sh SEE ALSO
.Xr ptrace 2 ,
.Xr kill 2 ,
.Xr sigaction 2 ,
.Xr ptrace 2 ,
.Xr kill 2 ,
.Xr sigaction 2 ,
.Xr sigsuspend 2 ,
.Xr sigblock 2 ,
.Xr sigsetmask 2 ,
.Xr sigpause 2 ,
.Xr sigsuspend 2 ,
.Xr sigblock 2 ,
.Xr sigsetmask 2 ,
.Xr sigpause 2 ,
.Xr sigvec 2 ,
.Xr setjmp 3 ,
.Xr sigvec 2 ,
.Xr setjmp 3 ,
-.Sh EXAMPLE
-On a
-.Tn VAX\-11,
-the handler routine can be declared:
-.Bd -literal -offset indent
-void handler(sig, code, scp)
-int sig, code;
-struct sigcontext *scp;
-.Ed
-.Pp
-Here
-.Fa sig
-is the signal number, into which the hardware faults and traps are
-mapped as defined below.
-.Em Code
-is a parameter that is either a constant
-as given below or the code provided by
-the hardware (Compatibility mode faults are distinguished from the
-other
-.Dv SIGILL
-traps by having
-.Dv PSL_CM
-set in the psl).
-.Fa Scp
-is a pointer to the
-.Fa sigcontext
-structure (defined in
-.Aq Pa signal.h ) ,
-used to restore the context from before the signal.