2 .\" Copyright (c) 1996 Julian R Elischer
3 .\" All rights reserved.
5 .\" This code is derived from software contributed by Kenneth Stailey.
7 .\" Redistribution and use in source and binary forms, with or without
8 .\" modification, are permitted provided that the following conditions
10 .\" 1. Redistributions of source code must retain the above copyright
11 .\" notice, this list of conditions and the following disclaimer.
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
15 .\" 3. The name of the author may not be used to endorse or promote products
16 .\" derived from this software without specific prior written permission.
18 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24 .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
25 .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
26 .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 .Nd check if credentials have superuser privileges
43 .Fn suser "struct thread *td"
45 .Fn suser_cred "struct ucred *cred" "int flag"
51 functions check if the credentials given include superuser powers.
53 These interfaces have now been obsoleted by
55 and are provided only for compatibility with third party kernel modules that
56 have not yet been updated to the new interface.
57 They should not be used in any new kernel code.
61 function is the most common, and should be used unless special
62 circumstances dictate otherwise.
66 function should be used when the credentials to be checked are
67 not the thread's own, when there is no thread, when superuser
68 powers should be extended to imprisoned roots, or when the credential
69 to be checked is the real user rather than the effective user.
71 By default, a process does not command superuser powers if it has
72 been imprisoned by the
75 There are cases however where this is appropriate, and this can
83 It is important to review carefully in each case that
84 this does not weaken the prison.
85 Generally, only where the action is protected by
89 call should such powers be granted.
91 By default, the credential checked is the effective user.
93 where it is instead necessary to check the real user (for example, when
94 determining if resource limits should be applied), and this can be done
107 functions note the fact that superuser powers have been used in the
108 process structure of the process specified.
109 Because part of their function is to notice
110 whether superuser powers have been used,
111 the functions should only be called after other permission
112 possibilities have been exhausted.
118 functions return 0 if the user has superuser powers and
123 of some other implementations of
125 in which a TRUE response indicates superuser powers.
135 functions do not, in fact, record that superuser privileges have been
136 used, and have not done so since August 2000.