Process::Initgroups
Section: User Contributed Perl Documentation (3pm)
Updated: 2013-03-09
Index
Return to Main Contents
NAME
Process::Initgroups - Perl extension to use the c function initgroups found on most linux like systems.
SYNOPSIS
use Process::Initgroups;
my $user = 'dave';
my (undef,undef,$uid,$gid,undef,undef,undef,undef,undef) = getpwnam($user);
#
# Here you can use the gid returned by getpwnam, which is the primary group for the user or arbitrarily choose a group with getgrnam
# my $gid = getgrnam('some_group_name');
#
if( ! Process::Initgroups::initgroups($user,$gid) )
{
# handle failure
}
# Assuming the goal is to drop privliges, it is still necessary to setgid, then setuid
if( ! setgid($gid) ) { handle failure }
if( ! setuid($uid) ) { handle failure }
DESCRIPTION
Runs initgroups found on most unix/linux systems. Return codes are the same as POSIX return codes. Failure: undef. Success: ``0 but true''
EXPORT
None by default.
SEE ALSO Initgroups and setgroups man pages. Initgroups will initalize the process with all groups the user belongs to in /etc/groups.
If the user does not require all groups, then use the obscure: $) = ``$gid $gid''; which passes the second gid to setgroups();
This will effectively clear the group list and the gid passed will be the only group associated with the process.
Note if the second gid is omitted, then $) = ``$gid''; leaves the current process real and effective gid(s) associated with the process.
AUTHOR
dave, <dave@>
COPYRIGHT AND LICENSE
Copyright (C) 2013 by dave;
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.14.2 or,
at your option, any later version of Perl 5 you may have available.
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- EXPORT
-
- SEE ALSO Initgroups and setgroups man pages. Initgroups will initalize the process with all groups the user belongs to in /etc/groups.
-
- AUTHOR
-
- COPYRIGHT AND LICENSE
-
This document was created by