X-Git-Url: http://git.osdn.net/view?p=linuxjm%2FLDP_man-pages.git;a=blobdiff_plain;f=original%2Fman2%2Fsetuid.2;h=5f4fde8484dd874b316e90f396871a1b8e8b43d6;hp=f59821d1af921b45dd0ce2bba1d792b2d6f3783b;hb=4ea6bb24817f6f049d6bbc90ecd77a869876f9b0;hpb=361fd72f831aabd8a0aa6fe7bc4ef66ef4f89a1b diff --git a/original/man2/setuid.2 b/original/man2/setuid.2 index f59821d1..5f4fde84 100644 --- a/original/man2/setuid.2 +++ b/original/man2/setuid.2 @@ -27,7 +27,7 @@ .\" , aeb 970616. .\" Modified, 27 May 2004, Michael Kerrisk .\" Added notes on capability requirements -.TH SETUID 2 2010-11-22 "Linux" "Linux Programmer's Manual" +.TH SETUID 2 2014-09-21 "Linux" "Linux Programmer's Manual" .SH NAME setuid \- set user identity .SH SYNOPSIS @@ -72,16 +72,41 @@ On success, zero is returned. On error, \-1 is returned, and .I errno is set appropriately. + +.IR Note : +there are cases where +.BR setuid () +can fail even when the caller is UID 0; +it is a grave security error to omit checking for a failure return from +.BR setuid (). .SH ERRORS .TP .B EAGAIN -The +The call would change the caller's real UID (i.e., +.I uid +does not match the caller's real UID), +but there was a temporary failure allocating the +necessary kernel data structures. +.TP +.B EAGAIN .I uid -does not match the current uid and +does not match the real user ID of the caller and this call would +bring the number of processes belonging to the real user ID .I uid -brings process over its +over the caller's .B RLIMIT_NPROC resource limit. +Since Linux 3.1, this error case no longer occurs +(but robust applications should check for this error); +see the description of +.B EAGAIN +in +.BR execve (2). +.TP +.B EINVAL +The user ID specified in +.I uid +is not valid in this user namespace. .TP .B EPERM The user is not privileged (Linux: does not have the @@ -123,12 +148,14 @@ wrapper function transparently deals with the variation across kernel versions. .BR setfsuid (2), .BR setreuid (2), .BR capabilities (7), -.BR credentials (7) +.BR credentials (7), +.BR user_namespaces (7) .SH COLOPHON -This page is part of release 3.65 of the Linux +This page is part of release 3.79 of the Linux .I man-pages project. A description of the project, -and information about reporting bugs, +information about reporting bugs, +and the latest version of this page, can be found at \%http://www.kernel.org/doc/man\-pages/.