man.bsd.lv manual page server

Manual Page Search Parameters
LOGIN_CLASS(3) Library Functions Manual LOGIN_CLASS(3)

setclasscontext, setclassenvironment, setclassresources, setusercontextfunctions for using the login class capabilities database

library “libutil”

#include <sys/types.h>
#include <login_cap.h>

int
setclasscontext(const char *classname, unsigned int flags);

int
setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned int flags);

void
setclassresources(login_cap_t *lc);

void
setclassenvironment(login_cap_t *lc, const struct passwd *pwd, int paths);

These functions provide a higher level interface to the login class database than those documented in login_cap(3). These functions are used to set resource limits, environment and accounting settings for users on logging into the system and when selecting an appropriate set of environment and resource settings for system daemons based on login classes. These functions may only be called if the current process is running with root privileges. If the LOGIN_SETLOGIN flag is used this function calls setlogin(2), and due care must be taken as detailed in the manpage for that function and this affects all processes running in the same session and not just the current process.

() sets various class context values (resource limits, umask and process priorities) based on values for a specific named class.

The function () sets class context values based on a given login_cap_t object, a specific passwd record (if login_cap_t is NULL), sets the current session's login and the current process user and group ownership. Each of these functions is selectable via bit-flags passed in the flags parameter, which is comprised of one or more of the following:

Set the login associated with the current session to the user specified in the passwd structure. setlogin(2). The pwd parameter must not be NULL if this option is used.
Set ownership of the current process to the uid specified in the uid parameter using setuid(2).
Set group ownership of the current process to the group id specified in the passwd structure using setgid(2), and calls initgroups(3) to set up the group access list for the current process. The pwd parameter must not be NULL if this option is used.
Set resource limits for the current process based on values specified in the system login class database. Class capability tags used, with and without -cur (soft limit) or -max (hard limit) suffixes and the corresponding resource setting: 
cputime       RLIMIT_CPU
filesize      RLIMIT_FSIZE
datasize      RLIMIT_DATA
stacksize     RLIMIT_STACK
coredumpsize  RLIMIT_CORE
memoryuse     RLIMIT_RSS
memorylocked  RLIMIT_MEMLOCK
maxproc       RLIMIT_NPROC
openfiles     RLIMIT_NOFILE
sbsize        RLIMIT_SBSIZE
vmemoryuse    RLIMIT_VMEM
Set the scheduling priority for the current process based on the value specified in the system login class database. Class capability tags used: 
priority
Set the umask for the current process to a value in the user or system login class database. Class capability tags used: 
umask
Set the "path" and "manpath" environment variables based on values in the user or system login class database. Class capability tags used with the corresponding environment variables set: 
path          PATH
manpath       MANPATH
Set various environment variables based on values in the user or system login class database. Class capability tags used with the corresponding environment variables set: 
lang          LANG
charset       MM_CHARSET
timezone      TZ
term          TERM

Additional environment variables may be set using the list type capability "setenv=var1 val1,var2 val2..,varN valN".

Enables all of the above settings.

Note that when setting environment variables and a valid passwd pointer is provided in the pwd parameter, the characters ‘~’ and ‘$’ are substituted for the user's home directory and login name respectively.

The () and () functions are subsets of the setcontext functions above, but may be useful in isolation.

The setclasscontext() and setusercontext() functions return -1 if an error occurred, or 0 on success. If an error occurs when attempting to set the user, login, group or resources, a message is reported to syslog(3), with LOG_ERR priority and directed to the currently active facility.

[]
The function setclassenvironment() failed because it were unable to allocate memory for the environment.

setgid(2), setlogin(2), setuid(2), getcap(3), initgroups(3), login_cap(3), login.conf(5), termcap(5)

December 28, 1996 DragonFly-5.6.1