2 .\" Copyright (c) 1996 Julian R Elischer
3 .\" All rights reserved.
5 .\" This code is derived from software contributed by Kenneth Stailey.
7 .\" Redistribution and use in source and binary forms, with or without
8 .\" modification, are permitted provided that the following conditions
10 .\" 1. Redistributions of source code must retain the above copyright
11 .\" notice, this list of conditions and the following disclaimer.
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
15 .\" 3. All advertising materials mentioning features or use of this software
16 .\" must display the following acknowledgement:
17 .\" This product includes software developed for the FreeBSD Project
18 .\" by Julian R Elischer
19 .\" 4. The name of the author may not be used to endorse or promote products
20 .\" derived from this software without specific prior written permission.
22 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 .\" $FreeBSD: src/share/man/man9/suser.9,v 1.9.2.5 2001/12/17 11:30:19 ru Exp $
35 .\" $DragonFly: src/share/man/man9/suser.9,v 1.2 2003/06/17 04:37:01 dillon Exp $
42 .Nd check if we are superuser and note
48 .Fn suser "struct proc *proc"
50 .Fn suser_xxx "struct ucred *cred" "struct proc *proc" "int flags"
56 functions checks if the credentials given include superuser powers.
60 function is the most common, and should be used unless special
61 circumstances dictate otherwise.
65 function should be used when the credentials to be checked are
66 not the process' own, when there is no process or when superuser
67 powers should be extended to imprisoned roots.
69 By default a process does not command superuser powers if it has
70 been imprisoned by the
73 There are cases however where this is appropriate, and this can
74 be done by setting the
76 bit in the flags argument to the
78 function. It is important to review carefully in each case that
79 this does not weaken the prison. Generally only where the action
84 call should such powers be granted.
90 functions note the fact that superuser powers have been used in the
91 process structure of the process specified.
92 Because part of their function is to notice
93 whether superuser powers have been used,
94 the functions should only be called after other permission
95 possibilities have been exhausted.
101 functions return 0 if the user has superuser powers and
106 of some other implementations of
108 in which a TRUE response indicates superuser powers.