NAME¶
setgid - set group identity
SYNOPSIS¶
#include <sys/types.h>
#include <unistd.h>
int setgid(gid_t gid);
DESCRIPTION¶
setgid() sets the effective group ID of the calling process. If the
caller is the superuser, the real GID and saved set-group-ID are also set.
Under Linux,
setgid() is implemented like the POSIX version with the
_POSIX_SAVED_IDS feature. This allows a set-group-ID program that is
not set-user-ID-root to drop all of its group privileges, do some
un-privileged work, and then reengage the original effective group ID in a
secure manner.
RETURN VALUE¶
On success, zero is returned. On error, -1 is returned, and
errno is set
appropriately.
ERRORS¶
- EINVAL
- The group ID specified in gid is not valid in this user
namespace.
- EPERM
- The calling process is not privileged (does not have the CAP_SETGID
capability), and gid does not match the real group ID or saved
set-group-ID of the calling process.
SVr4, POSIX.1-2001.
NOTES¶
The original Linux
setgid() system call supported only 16-bit group IDs.
Subsequently, Linux 2.4 added
setgid32() supporting 32-bit IDs. The
glibc
setgid() wrapper function transparently deals with the variation
across kernel versions.
SEE ALSO¶
getgid(2),
setegid(2),
setregid(2),
capabilities(7),
credentials(7),
user_namespaces(7)
COLOPHON¶
This page is part of release 3.74 of the Linux
man-pages project. A
description of the project, information about reporting bugs, and the latest
version of this page, can be found at
http://www.kernel.org/doc/man-pages/.