login_getclass, login_getcapbool, login_getcapnum, login_getcapsize,
login_getcapstr, login_getcaptime, login_close, setclasscontext,
setusercontext - query login.conf database about a user class
System Utilities Library (libutil, -lutil)
login_getcapbool(login_cap_t *lc, char *cap, u_int def);
login_getcapnum(login_cap_t *lc, char *cap, quad_t def, quad_t err);
login_getcapsize(login_cap_t *lc, char *cap, quad_t def, quad_t err);
login_getcapstr(login_cap_t *lc, char *cap, char *def, char *err);
login_getcaptime(login_cap_t *lc, char *cap, quad_t def, quad_t err);
setclasscontext(char *class, u_int flags);
setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid,
The login_getclass() function extracts the entry specified by class (or
default if class is NULL or the empty string) from /etc/login.conf (see
login.conf(5)). If the entry is found, a login_cap_t pointer is
returned. NULL is returned if the user class is not found. When the
login_cap_t structure is no longer needed, it should be freed by the
Once lc has been returned by login_getclass(), any of the other login_*()
functions may be called.
The login_getcapnum(), login_getcapsize(), login_getcapstr(), and
login_getcaptime() functions all query the database entry for a field
named cap. If the field is found, its value is returned. If the field
is not found, the value specified by def is returned. If an error is
encountered while trying to find the field, err is returned. See
login.conf(5) for a discussion of the various textual forms the value may
take. The login_getcapbool() function is slightly different. It returns
def if no capabilities were found for this class (typically meaning that
the default class was used and the /etc/login.conf file is missing). It
returns a non-zero value if cap, with no value, was found, zero otherwise.
The setclasscontext() function takes class, the name of a user class, and
sets the resources defined by that class according to flags. Only the
LOGIN_SETPATH, LOGIN_SETPRIORITY, LOGIN_SETRESOURCES, and LOGIN_SETUMASK
bits are used. (See setusercontext() below). It returns 0 on success
and -1 on failure.
The setusercontext() function sets the resources according to flags. The
lc argument, if not NULL, contains the class information that should be
used. The pwd argument, if not NULL, provides information about the
user. Both lc and pwd cannot be NULL. The uid argument is used in place
of the user id contained in the pwd structure when calling setuid(2).
The various bits available to be or-ed together to make up flags are:
LOGIN_SETGROUP Set the group id and call initgroups(3). Requires
the pwd field be specified.
LOGIN_SETLOGIN Sets the login name by setlogin(2). Requires the
pwd field be specified.
LOGIN_SETPATH Sets the PATH environment variable.
LOGIN_SETPRIORITY Sets the priority by setpriority(2).
LOGIN_SETRESOURCES Sets the various system resources by setrlimit(2).
LOGIN_SETUMASK Sets the umask by umask(2).
LOGIN_SETUSER Sets the user id to uid by setuid(2).
LOGIN_SETENV Sets the environment variables as defined by the
setenv keyword, by setenv(3).
LOGIN_SETALL Sets all of the above.
setlogin(2), setpriority(2), setrlimit(2), setuid(2), umask(2),
initgroups(3), secure_path(3), login.conf(5)
The login_getclass family of functions are largely based on the BSD/OS
implementation of same, and appeared in NetBSD 1.5 by kind permission.
BSD January 13, 2000 BSD
[ Back ]