Index Index for
Section 3
Index Alphabetical
listing for S
Bottom of page Bottom of
page		 

siad_get_groups(3)


NAME

  siad_get_groups - mechanism-specific routine called from sia_get_groups to
  fill in a user's supplementary groups for SIA (Security Integration
  Architecture)


SYNOPSIS

  #include <sia.h>
  #include <siad.h>

  int siad_get_groups(
	  struct sia_context *context,
	  const char *username,
	  gid_t *buffer,
	  int *ngroups,
	  int maxgroups );


LIBRARY

  Standard C library (libc.so and libc.a)


PARAMETERS

  context
      A thread-specific allocation context, shared with other group-related
      calls such as siad_getgrent.

  username
      The name of the user whose supplementary group list is desired.

  buf Pointer to storage for the list of groups.  It may already have some
      entries in it, depending on the incoming value of ngroups.

  ngroups
      The number of slots in the buffer which are used.	 Read on input, and
      updated as groups are added by each mechanism.

  maxgroups
      The maximum number of secondary groups for which buf has storage
      allocated.  It is not an error to have ngroups equal to maxgroups, but
      if another (unique) group is found beyond that limit, the routine is
      expected to return SIADFAIL|SIADSTOP to halt any further scan for
      additional group information.


DESCRIPTION

  This routine is responsible for ensuring that any group it adds to the list
  of GIDs found is not a duplicate.   __sia_isagroup(3) is provided
  specifically to make that determination simpler for the mechanism
  developer.  It is not responsible for calling the mechanism-specific
  siad_setgrent() routine, since sia_get_groups() makes that call.  The
  sia_get_groups() routine will also make the call to the siad_endgrent()
  routine.

  This routine, unlike most of the SIA mechanism-dependent routines, is
  optional.  If it is not provided, sia_get_groups() will use the mechanism's
  siad_getgrent() routine instead.  This routine is provided by mechanisms
  which have a faster method for finding the groups for a user than doing a
  simple getgrent() loop.


RETURN VALUES

  This routine should only return failure as described above or if the
  mechanism encounters an initialization error that prevents scanning for
  group information.  In particular, it is not an error for a given mechanism
  to find no groups for a user.

  This routine returns SIADSUCCESS if group scanning was possible and the
  group list did not need additional storage.  It returns SIADFAIL|SIADSTOP
  if the group list did need more than maxgroups entries.  It returns
  SIADFAIL if the mechanism is unable to scan for groups at all.


SEE ALSO

  sia_get_groups(3), siad_setgrent(3), siad_getgrent(3), siad_endgrent(3),
  matrix.conf(4)

  Security

Index Index for
Section 3
Index Alphabetical
listing for S
Top of page Top of
page