Enum illumos_priv::Privilege [−][src]
Mapping to the various illumos PRIVILEGES(5).
Variants
Allows a process to request critical events without limitation. Allows a process to request reliable delivery of all events on any event queue.
Allows a process to set the service FMRI value of a process contract template.
Allows a process to observe contract events generated by contracts created and owned by users other than the process’s effective user ID. Allows a process to open contract event endpoints belonging to contracts created and owned by users other than the process’s effective user ID.
Allow a process to access per-CPU hardware performance counters.
Allows DTrace kernel-level tracing.
Allows DTrace process-level tracing. Allows process-level tracing probes to be placed and enabled in processes to which the user has permissions.
Allows DTrace user-level tracing. Allows use of the syscall and profile DTrace providers to examine processes to which the user has permissions.
Allows a process to change a file’s owner user ID. Allows a process to change a file’s group ID to one other than the process’ effective group ID or one of the process’ supplemental group IDs.
Allows a process to give away its files; a process with this privilege will run as if {_POSIX_CHOWN_RESTRICTED} is not in effect.
Allows a process to execute an executable file whose permission bits or ACL do not allow the process execute permission.
Allows a process to read a file or directory whose permission bits or ACL do not allow the process read permission.
Allows a process to search a directory whose permission bits or ACL do not allow the process search permission.
Allows a process to write a file or directory whose permission bits or ACL do not allow the process write permission. In order to write files owned by uid 0 in the absence of an effective uid of 0 ALL privileges are required.
Allows a process to set the sensitivity label of a file or directory to a sensitivity label that does not dominate the existing sensitivity label. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to set immutable, nounlink or appendonly file attributes.
Allows a process to create hardlinks to files owned by a uid different from the process’ effective uid.
Allows a process which is not the owner of a file or directory
to perform the following operations that are normally permitted
only for the file owner: modify that file’s access and
modification times; remove or rename a file or directory whose
parent directory has the save text image after execution'' (sticky) bit set; mount a namefs’’ upon a file; modify
permission bits or ACL except for the set-uid and set-gid
bits.
Allows a process to read objects in the filesystem.
Allows a process to change the ownership of a file or write to a file without the set-user-ID and set-group-ID bits being cleared. Allows a process to set the set-group-ID bit on a file or directory whose group is not the process’ effective group or one of the process’ supplemental groups. Allows a process to set the set-user-ID bit on a file with different ownership in the presence of PRIV_FILE_OWNER. Additional restrictions apply when creating or modifying a set-uid 0 file.
Allows a process to set the sensitivity label of a file or directory to a sensitivity label that dominates the existing sensitivity label. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to modify objects in the filesystem.
Allows a process to make privileged ioctls to graphics devices. Typically only xserver process needs to have this privilege. A process with this privilege is also allowed to perform privileged graphics device mappings.
Allows a process to perform privileged mappings through a graphics device.
Allows a process to manage hyprlofs entries.
Allows a process to read a System V IPC Message Queue, Semaphore Set, or Shared Memory Segment whose permission bits do not allow the process read permission. Allows a process to read remote shared memory whose permission bits do not allow the process read permission.
Allows a process to write a System V IPC Message Queue, Semaphore Set, or Shared Memory Segment whose permission bits do not allow the process write permission. Allows a process to read remote shared memory whose permission bits do not allow the process write permission. Additional restrictions apply if the owner of the object has uid 0 and the effective uid of the current process is not 0.
Allows a process which is not the owner of a System V IPC Message Queue, Semaphore Set, or Shared Memory Segment to remove, change ownership of, or change permission bits of the Message Queue, Semaphore Set, or Shared Memory Segment. Additional restrictions apply if the owner of the object has uid 0 and the effective uid of the current process is not 0.
Allows a process to open a TCP, UDP, SDP or SCTP network endpoint.
Allow a process to bind to a port that is configured as a multi-level port(MLP) for the process’s zone. This privilege applies to both shared address and zone-specific address MLPs. See tnzonecfg(4) from the Trusted Extensions manual pages for information on configuring MLP ports. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to send and receive ICMP packets.
Allows a process to set NET_MAC_AWARE process flag by using setpflags(2). This privilege also allows a process to set SO_MAC_EXEMPT socket option by using setsockopt(3SOCKET). The NET_MAC_AWARE process flag and the SO_MAC_EXEMPT socket option both allow a local process to communicate with an unlabeled peer if the local process’ label dominates the peer’s default label, or if the local process runs in the global zone. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to set SO_MAC_IMPLICIT option by using setsockopt(3SOCKET). This allows a privileged process to transmit implicitly-labeled packets to a peer. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to access /dev/lo0 and the devices in /dev/ipnet/ while not requiring them to need PRIV_NET_RAWACCESS.
Allows a process to bind to a privileged port number. The privilege port numbers are 1-1023 (the traditional UNIX privileged ports) as well as those ports marked as “udp/tcp_extra_priv_ports” with the exception of the ports reserved for use by NFS.
Allows a process to have direct access to the network layer.
Allows a process to generate audit records. Allows a process to get its own audit pre-selection information.
Allows a process to change its root directory.
Allows a process to use high resolution timers.
Allows a process to call execve().
Allows a process to call fork1()/forkall()/vfork()
Allows a process to examine the status of processes other than those it can send signals to. Processes which cannot be examined cannot be seen in /proc and appear not to exist.
Allows a process to lock pages in physical memory.
Allows a process to access physical memory information.
Allows a process to send signals to other processes, inspect and modify process state to other processes regardless of ownership. When modifying another process, additional restrictions apply: the effective privilege set of the attaching process must be a superset of the target process’ effective, permitted and inheritable sets; the limit set must be a superset of the target’s limit set; if the target process has any uid set to 0 all privilege must be asserted unless the effective uid is 0. Allows a process to bind arbitrary processes to CPUs.
Allows a process to elevate its priority above its current level.
Allows all that PRIV_PROC_PRIOUP allows. Allows a process to change its scheduling class to any scheduling class, including the RT class.
Allows a process to manipulate the secflags of processes (subject to, additionally, the ability to signal that process)
Allows a process to send signals or trace processes outside its session.
Allows a process to set its uids at will. Assuming uid 0 requires all privileges to be asserted.
Allows a process to assign a new task ID to the calling process.
Allows a process to trace or send signals to processes in other zones.
Allows a process to enable and disable and manage accounting through acct(2), getacct(2), putacct(2) and wracct(2).
Allows a process to perform system administration tasks such as setting node and domain name and specifying nscd and coreadm settings.
Allows a process to start the (kernel) audit daemon. Allows a process to view and set audit state (audit user ID, audit terminal ID, audit sessions ID, audit pre-selection mask). Allows a process to turn off and on auditing. Allows a process to configure the audit parameters (cache and queue sizes, event to class mappings, policy options).
Allows a process to perform various system configuration tasks. Allows a process to add and remove swap devices; when adding a swap device, a process must also have sufficient privileges to read from and write to the swap device.
Allows a process to successfully call a kernel module that calls the kernel drv_priv(9F) function to check for allowed access. Allows a process to open the real console device directly. Allows a process to open devices that have been exclusively opened.
Allows a process to import a potentially untrusted file system.
Allows a process to increase the size of a System V IPC Message Queue buffer.
Allows a process to unlink and link directories.
Allows filesystem specific administrative procedures, such as filesystem configuration ioctls, quota calls and creation/deletion of snapshots. Allows a process to mount and unmount filesystems which would otherwise be restricted (i.e., most filesystems except namefs). A process performing a mount operation needs to have appropriate access to the device being mounted (read-write for “rw” mounts, read for “ro” mounts). A process performing any of the aforementioned filesystem operations needs to have read/write/owner access to the mount point. Only regular files and directories can serve as mount points for processes which do not have all zone privileges asserted. Unless a process has all zone privileges, the mount(2) system call will force the “nosuid” and “restrict” options, the latter only for autofs mountpoints. Regardless of privileges, a process running in a non-global zone may only control mounts performed from within said zone. Outside the global zone, the “nodevices” option is always forced.
Allows a process to configure IP tunnel links.
Allows a process to configure all classes of datalinks, including configuration allowed by PRIV_SYS_IPTUN_CONFIG.
Allows a process to configure a system’s IP interfaces and routes. Allows a process to configure network parameters using ndd. Allows a process access to otherwise restricted information using ndd. Allows a process to configure IPsec. Allows a process to pop anchored STREAMs modules with matching zoneid.
Allows all that PRIV_SYS_IP_CONFIG, PRIV_SYS_DL_CONFIG, and PRIV_SYS_PPP_CONFIG allow. Allows a process to push the rpcmod STREAMs module. Allows a process to INSERT/REMOVE STREAMs modules on locations other than the top of the module stack.
Allows a process to perform Sun private NFS specific system calls. Allows a process to bind to ports reserved by NFS: ports 2049 (nfs) and port 4045 (lockd).
Allows a process to create and destroy PPP (sppp) interfaces. Allows a process to configure PPP tunnels (sppptun).
Allows a process to bind processes to processor sets.
Allows all that PRIV_SYS_RES_BIND allows. Allows a process to create and delete processor sets, assign CPUs to processor sets and override the PSET_NOESCAPE property. Allows a process to change the operational status of CPUs in the system using p_online(2). Allows a process to configure resource pools and to bind processes to pools
Allows a process to modify the resource limits specified by setrlimit(2) and setrctl(2) without restriction. Allows a process to exceed the per-user maximum number of processes. Allows a process to extend or create files on a filesystem that has less than minfree space in reserve.
Allows a process to access the Sun private SMB kernel module. Allows a process to bind to ports reserved by NetBIOS and SMB: ports 137 (NBNS), 138 (NetBIOS Datagram Service), 139 (NetBIOS Session Service and SMB-over-NBT) and 445 (SMB-over-TCP).
Allows a process to successfully call a third party loadable module that calls the kernel suser() function to check for allowed access. This privilege exists only for third party loadable module compatibility and is not used by Solaris proper.
Allows a process to manipulate system time using any of the appropriate system calls: stime, adjtime, ntp_adjtime and the IA specific RTC calls.
Allows a process to translate labels that are not dominated by the process’ sensitivity label to and from an external string form. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to manage virtualized environments such as xVM(5).
Allows a process to override colormap restrictions. Allows a process to install or remove colormaps. Allows a process to retrieve colormap cell entries allocated by other processes. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to configure or destroy resources that are permanently retained by the X server. Allows a process to use SetScreenSaver to set the screen saver timeout value. Allows a process to use ChangeHosts to modify the display access control list. Allows a process to use GrabServer. Allows a process to use the SetCloseDownMode request which may retain window, pixmap, colormap, property, cursor, font, or graphic context resources. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to read from a window resource that it does not own (has a different user ID). This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to write to or create a window resource that it does not own (has a different user ID). A newly created window property is created with the window’s user ID. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to perform operations on window input devices. Allows a process to get and set keyboard and pointer controls. Allows a process to modify pointer button and key mappings. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to use the direct graphics access (DGA) X protocol extensions. Direct process access to the frame buffer is still required. Thus the process must have MAC and DAC privileges that allow access to the frame buffer, or the frame buffer must be allocated to the process. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to set the sensitivity label of a window resource to a sensitivity label that does not dominate the existing sensitivity label. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to set a font path. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to read from a window resource whose sensitivity label is not equal to the process sensitivity label. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to create a window resource whose sensitivity label is not equal to the process sensitivity label. A newly created window property is created with the window’s sensitivity label. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to request inter-window data moves without the intervention of the selection confirmer. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process to set the sensitivity label of a window resource to a sensitivity label that dominates the existing sensitivity label. This privilege is interpreted only if the system is configured with Trusted Extensions.
Allows a process access to the xVM(5) control devices for managing guest domains and the hypervisor. This privilege is used only if booted into xVM on x86 platforms.
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Privilege
impl Send for Privilege
impl Sync for Privilege
impl Unpin for Privilege
impl UnwindSafe for Privilege
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized, [src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized, [src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized, [src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T[src]
impl<T> From<T> for T[src]
impl<T, U> Into<U> for T where
U: From<T>, [src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>, [src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>, [src]
U: TryFrom<T>,