setresuid, setresgid — set real, effective and saved user or group ID
#define _GNU_SOURCE #include <unistd.h>
int
setresuid( |
uid_t | ruid, |
| uid_t | euid, | |
| uid_t | suid); |
int
setresgid( |
gid_t | rgid, |
| gid_t | egid, | |
| gid_t | sgid); |
setresuid() sets the real
user ID, the effective user ID, and the saved set-user-ID of
the calling process.
Unprivileged user processes may change the real UID, effective UID, and saved set-user-ID, each to one of: the current real UID, the current effective UID or the current saved set-user-ID.
Privileged processes (on Linux, those having the
CAP_SETUID capability) may set
the real UID, effective UID, and saved set-user-ID to
arbitrary values.
If one of the parameters equals −1, the corresponding value is not changed.
Regardless of what changes are made to the real UID, effective UID, and saved set-user-ID, the file system UID is always set to the same value as the (possibly new) effective UID.
Completely analogously, setresgid() sets the real GID, effective
GID, and saved set-group-ID of the calling process (and
always modifies the file system GID to be the same as the
effective GID), with the same restrictions for non-privileged
processes.
On success, zero is returned. On error, −1 is
returned, and errno is set
appropriately.
uid does
not match the current UID and this call would bring
that user ID over its RLIMIT_NPROC resource limit.
The calling process is not privileged (did not have
the CAP_SETUID
capability) and tried to change the IDs to values that
are not permitted.
Under HP-UX and FreeBSD the prototype is found in
<unistd.h>
Under Linux the prototype is provided by glibc since version
2.3.2.
getresuid(2), getuid(2), setfsuid(2), setfsgid(2), setreuid(2), setuid(2), capabilities(7), credentials(7), feature_test_macros(7)