ppriv(1) man page - WindyHana's Solanara

ppriv(1)

ppriv(1)                         User Commands                        ppriv(1)



NAME
       ppriv - inspect or modify process privilege sets and attributes

SYNOPSIS
       /usr/bin/ppriv -e [-f {+-}{ADKMPRSTUX}] [-s spec] [-r rule]
            command [arg]...


       /usr/bin/ppriv [-vn] [-f {+-}{ADKMPRSTUX}] [-S] [-s spec]
            [-r rule][pid | core]...


       /usr/bin/ppriv -l [-vn] [privilege-specification | extended-policy]...


       /usr/bin/ppriv -q [-f {+-}{ADKMPRSTUX}] [privilege-specification]

DESCRIPTION
       The  first  invocation  of the ppriv command runs the command specified
       with the privilege sets and flags modified according to  the  arguments
       on the command line.


       The second invocation examines or changes the privilege state of run‐
       ning processes and core files.


       The third invocation lists the defined privileges and information about
       the specified privileges or privilege set specifications.

OPTIONS
       The following options are supported:

       -D

           Obsolete. Same as -f  +D.


       -e

           Interprets  the  remainder  of  the arguments as a command line and
           runs the command line with specified privilege attributes and sets.


       -f {+-} {ADKMPRSTUX}

           To set or unset the process flags of the processes or  the  command
           supplied. For more information, see the setpflags(2) man page.

           D    PRIV_DEBUG


           M    NET_MAC_AWARE, NET_MAC_AWARE_INHERIT


           P    PRIV_PFEXEC


           A    PRIV_PFEXEC_AUTH


           K    PRIV_TPD_KILLABLE


           R    PRIV_PROC_TPD_RESET


           S    PRIV_PROC_SENSITIVE

                Warning:  Unsetting this flag can expose potentially sensitive
                data to other processes with proc_owner privilege,  regardless
                of ownership.


           T    PRIV_PROC_TPD


           U    PRIV_TPD_UNSAFE


           X    PRIV_XPOLICY



       -l

           Lists all currently defined privileges on stdout.


       -M

           Obsolete. Same as -f  +M.


       -n

           Shows port numbers and users as numbers. Normally, ppriv shows port
           numbers and users as symbols. This option is only  applicable  when
           displaying Extended Policies.


       -N

           Obsolete. Same as -f  -D.


       -P

           Obsolete. Same as -f  +P.


       -s spec

           Modifies a process's privilege sets according to spec, a specifica‐
           tion with the format [AEILP][+-=]privsetspec, containing no spaces,
           where:


           AEILP

               Indicates  one  or more letters indicating which privilege sets
               to change. These are case insensitive, for example, either a or
               A indicates all privilege sets.

               For  definitions  of the single letter abbreviations for privi‐
               lege sets, see privileges(7).


           +-=

               Indicates a modifier to respectively add (+),  remove  (-),  or
               assign  (=)  the  listed  privileges to the specified set(s) in
               privsetspec.


           privsetspec

               Indicates  a  comma-separated   privilege   set   specification
               (priv1,priv2, and so on), as described in priv_str_to_set(3C).

           Modifying the same set with multiple -s options is possible as long
           as there is either precisely one assignment to an individual set or
           any number of additions and removals. That is, assignment and addi‐
           tion or removal for one set are mutually exclusive.
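
           As an added example (not part of this man page or of ppriv itself),
           the following Python parses -s specs in the [AEILP][+-=]privsetspec
           form described above and enforces the rule on combining several -s
           options; the function names are hypothetical:

```python
import re

# Set letters ppriv accepts in the [AEILP] part of an -s spec; 'A' means all
# four sets. privsetspec tokens follow priv_str_to_set(3C): names, keywords
# such as basic/all/none, and "!name" negations. (Example code, not ppriv's.)
SET_LETTERS = frozenset("EILP")
SPEC_RE = re.compile(r"^([AEILPaeilp]+)([+\-=])([^\s]+)$")
TOKEN_RE = re.compile(r"^!?[a-z][a-z0-9_]*$")


def parse_spec(spec):
    """Split one -s argument into (sets, operator, privilege tokens)."""
    m = SPEC_RE.match(spec)
    if not m:
        raise ValueError(f"malformed spec: {spec!r}")
    letters, op, privs = m.group(1).upper(), m.group(2), m.group(3).split(",")
    # Letters are case-insensitive; 'a'/'A' stands for every set.
    sets = set(SET_LETTERS) if "A" in letters else set(letters)
    bad = [p for p in privs if not TOKEN_RE.match(p)]
    if bad:
        raise ValueError(f"bad privilege token(s) {bad} in {spec!r}")
    return sets, op, privs


def plan_changes(specs):
    """Group several -s specs per set and enforce the man page rule that a
    set gets either exactly one '=' or any number of '+'/'-' changes."""
    plan = {s: [] for s in sorted(SET_LETTERS)}
    for spec in specs:
        sets, op, privs = parse_spec(spec)
        for s in sets:
            plan[s].append((op, privs))
    for s, changes in plan.items():
        ops = [op for op, _ in changes]
        if "=" in ops and len(ops) > 1:
            raise ValueError(f"set {s}: '=' cannot be combined with other -s changes")
    return plan
```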


       -q

           Tests whether privileges are in the effective set and whether flags
           are set or unset. The program exits successfully  when  all  tests
           are fulfilled.


       -r rule

           Install an Extended Policy. For more information,  see  the  privi‐
           leges(7) man page.

           Multiple  rules  can  be  specified. The new rules are added to the
           existing policy. To replace an existing  policy,  first  remove  it
           with -X, and then add the new policy with -r.


       -S

           Short.  Reports  the shortest possible output strings for sets. The
           default  is  portable  output.  For  more  information,   see   the
           priv_str_to_set(3C) man page.


       -X

           Obsolete. Same as -f  -X.


       -v

           Verbose. Reports privilege sets using privilege names.


       -?
       --help

           Print usage message and immediately exit.



USAGE
       The  ppriv  utility  examines  processes  and  core files and prints or
       changes their privilege sets.


       ppriv can run commands with privilege debugging on or off or with fewer
       privileges than the invoking process.


       When executing a subprocess, the only sets that can be modified are  L
       and I. Privileges can only be removed from L and I, as ppriv starts
       with P=E=I.


       ppriv can also be used to remove privileges from processes or to convey
       privileges to other processes. In  order  to  control  a  process,  the
       effective set of the ppriv utility must be a superset of the controlled
       process's E, I, and P sets, and the utility's limit set must be a
       superset of the target's limit set. If the target process's uids do not
       match those of ppriv, the {PRIV_PROC_OWNER} privilege must be asserted
       in the utility's effective set. If the controlled process has any uid
       with the value 0, additional restrictions might apply. For more
       information, see the privileges(7) man page.

EXAMPLES
       Example 1 Obtaining the Process Privileges of the Current Shell



       The  following  example  obtains  the process privileges of the current
       shell:


         example$ ppriv $$
         387:   -sh
         flags = <none>
                  E: basic
                  I: basic
                  P: basic
                  L: all


       Example 2 Removing a Privilege from the Inheritable and Effective Sets



       The following example removes a privilege from your shell's inheritable
       and effective set.


         example$ ppriv -s EI-proc_session $$




       The  subprocess can still inspect the parent shell but it can no longer
       influence the parent because the parent has more privileges in its Per‐
       mitted set than the ppriv child process:


         example$ truss -p $$
         truss: permission denied: 387

         example$ ppriv $$
         387:   -sh
         flags = <none>
                  E: basic,!proc_session
                  I: basic,!proc_session
                  P: basic
                  L: all


       Example 3 Running a Process with Privilege Debugging



       The following example runs a process with privilege debugging:


         example$ ppriv -e -f +D cat /etc/shadow
         cat[418]: missing privilege "file_dac_read" (euid = 21782,
          syscall = "openat") for "/etc/shadow" at zfs_zaccess+0x284
         cat: cannot open /etc/shadow




       The privilege debugging error messages are sent to the controlling ter‐
       minal of the current process. The "at address" part of the message  is
       an artifact of the kernel implementation and can change at any time
       after a software update.



       The  system  call  number  can  be  mapped  to  a  system  call   using
       /etc/name_to_sysnum.
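
       As an added example (not part of this man page or of ppriv), the
       following Python collects the "missing privilege" messages that -f +D
       produces, as in Example 3, and aggregates them per command into the
       privileges the program lacked, the usual starting point for building a
       least-privilege profile. The log lines are constructed and the function
       names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample, one message per line, modelled on Example 3 above. The
# trailing "at func+0xNN" part is the kernel artifact the man page says may
# change, so the parser treats it as optional; the syscall may be a quoted
# name or a bare number (to be looked up in /etc/name_to_sysnum).
SAMPLE_LOG = """\
cat[418]: missing privilege "file_dac_read" (euid = 21782, syscall = "openat") for "/etc/shadow" at zfs_zaccess+0x284
cat[418]: missing privilege "file_dac_read" (euid = 21782, syscall = "openat") for "/etc/shadow" at zfs_zaccess+0x284
cat: cannot open /etc/shadow
tail[431]: missing privilege "file_dac_read" (euid = 21782, syscall = "openat") for "/var/log/authlog" at zfs_zaccess+0x284
tail[431]: missing privilege "file_dac_search" (euid = 21782, syscall = 68) for "/var/adm/sulog"
"""

MSG_RE = re.compile(
    r'^(?P<cmd>[^\[\s]+)\[(?P<pid>\d+)\]: missing privilege "(?P<priv>[^"]+)" '
    r'\(euid = (?P<euid>\d+), syscall = (?P<sc>"[^"]*"|\d+)\) for "(?P<obj>[^"]*)"'
    r'(?: at (?P<at>\S+))?$'
)


def parse_debug_line(line):
    """Return a dict for one privilege-debugging message, or None otherwise."""
    m = MSG_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    d["pid"], d["euid"] = int(d["pid"]), int(d["euid"])
    d["syscall"] = d.pop("sc").strip('"')  # name, or a number as a string
    return d


def needed_privileges(text):
    """Aggregate messages into {command: {privilege: sorted syscalls}}.

    Repeated messages collapse into one entry, so the result lists each
    privilege a command was denied and the system calls that needed it."""
    needs = defaultdict(lambda: defaultdict(set))
    for line in text.splitlines():
        msg = parse_debug_line(line)
        if msg:
            needs[msg["cmd"]][msg["priv"]].add(msg["syscall"])
    return {cmd: {p: sorted(s) for p, s in privs.items()}
            for cmd, privs in needs.items()}
```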

       Example 4 Listing the Privileges Available in the Current Zone



       The  following  example  lists  the privileges available in the current
       zone (see zones(7)). When run in the global zone,  all  defined  privi‐
       leges are listed.


         example$ ppriv -l zone
          ... listing of all privileges elided ...


       Example 5 Examining a Privilege Aware Process



       The following example examines a privilege aware process:


         example$ ppriv -S $(pgrep rpcbind)
         928:    /usr/sbin/rpcbind
         flags = PRIV_AWARE
                 E: net_privaddr,proc_fork,sys_nfs
                 I: none
                 P: net_privaddr,proc_fork,sys_nfs
                 L: none




       See setpflags(2) for explanations of the flags.

       Example 6 Running a Process Under an Extended Policy



       The following example runs a process under an extended policy:


         example$ ppriv -r '{file_write}:/home/casper/.mozilla/*' \
              -r '{file_write}:/tmp/*,{proc_exec}:/usr/*' -e firefox




       See privileges(7).

       Example 7 Examining a Process that Has been Started



       The  following example examines the process that was started in example
       6:


         example$ ppriv 101272
         101272: /usr/lib/firefox/firefox-bin
         flags = PRIV_XPOLICY
         Extended policies:
         {file_write}:/home/casper/.mozilla/*
         {file_write}:/tmp/*
         {proc_exec}:/usr/*
         E: basic,!file_write,!proc_exec
         I: basic,!file_write,!proc_exec
         P: basic,!file_write,!proc_exec
         L: all


       Example 8 Testing for Flags and Privileges



       The following example tests for flags and privileges:


         if ppriv -q -f +D file_read; then
                 echo Privilege debugging is enabled
                 echo and file_read privilege detected
         fi


EXIT STATUS
       The following exit values are returned:

       0           Successful operation.


       non-zero    An error has occurred.


FILES
       /proc/*                Process files


       /etc/name_to_sysnum    system call name to number mapping


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +--------------------+-----------------+
       |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
       +--------------------+-----------------+
       |Availability        | system/core-os  |
       +--------------------+-----------------+
       |Interface Stability | See below       |
       +--------------------+-----------------+



       The invocation is Committed. The output is Uncommitted.

SEE ALSO
       gcore(1),   truss(1),   setpflags(2),   priv_str_to_set(3C),   proc(5),
       attributes(7), privileges(7), tpd(7), zones(7)

HISTORY
       The  K  and  R  flags  for  the  -f option were added in Oracle Solaris
       11.4.0.


       The S flag for the -f option was added in Oracle Solaris 11.3.20.


       The -f and -q options, and the A, D, M, P, T, U, and X flags for the -f
       option, were added in Oracle Solaris 11.2.0. The -D, -M, -N, -P, and -X
       options were declared obsolete at the same time.


       The -n, -r, and -X options, and support  for  Extended  Policies,  were
       added in Oracle Solaris 11.1.0.


       The -P option was added in Oracle Solaris 11.0.0.


       The -M option was added in Solaris 10 11/06 (Update 3).


       The  ppriv command, with support for the -D, -e, -l, -N, -S, -s, and -v
       options, was added in Solaris 10 3/05.



Oracle Solaris 11.4            18 September 2021                      ppriv(1)
The copyright of the man page contents belongs to the man page author.