.\" 2004-07-04 by aeb
.\" 2004-05-27 by Michael Kerrisk
.\"
-.TH SETREUID 2 2013-12-12 "Linux" "Linux Programmer's Manual"
+.TH SETREUID 2 2014-09-21 "Linux" "Linux Programmer's Manual"
.SH NAME
setreuid, setregid \- set real and/or effective user or group ID
.SH SYNOPSIS
On error, \-1 is returned, and
.I errno
is set appropriately.
+
+.IR Note :
+there are cases where
+.BR setreuid ()
+can fail even when the caller is UID 0;
+it is a grave security error to omit checking for a failure return from
+.BR setreuid ().
.SH ERRORS
.TP
+.B EAGAIN
+The call would change the caller's real UID (i.e.,
+.I ruid
+does not match the caller's real UID),
+but there was a temporary failure allocating the
+necessary kernel data structures.
+.TP
+.B EAGAIN
+.I ruid
+does not match the caller's real UID and this call would
+bring the number of processes belonging to the real user ID
+.I ruid
+over the caller's
+.B RLIMIT_NPROC
+resource limit.
+Since Linux 3.1, this error case no longer occurs
+(but robust applications should check for this error);
+see the description of
+.B EAGAIN
+in
+.BR execve (2).
+.TP
+.B EINVAL
+One or more of the target user or group IDs
+is not valid in this user namespace.
+.TP
.B EPERM
The calling process is not privileged
(Linux: does not have the
.BR setgid (2),
.BR setresuid (2),
.BR setuid (2),
-.BR capabilities (7)
+.BR capabilities (7),
+.BR user_namespaces (7)
.SH COLOPHON
-This page is part of release 3.68 of the Linux
+This page is part of release 3.79 of the Linux
.I man-pages
project.
A description of the project,