NAME    [Toc]    [Back]

       sia_get_groups - retrieve user's group information for SIA
       (Security Integration Architecture)

SYNOPSIS    [Toc]    [Back]

       #include <sia.h> #include <siad.h>

       int sia_get_groups(
               const char *username,
               gid_t basegid,
               gid_t *buffer,
               int *ngroups );

LIBRARY    [Toc]    [Back]

       Standard C library (libc.so and libc.a)

PARAMETERS    [Toc]    [Back]

       The name of the user whose  group  information  should  be
       written  to the buffer array. This parameter is read only.
       If not ((gid_t)-1), this GID will  appear  in  the  buffer
       array in addition to any other groups found for this user.
       This is normally used to pass  the  user's  GID  from  the
       password  information,  since  the  GID is not necessarily
       listed in the group information obtained with  getgrent().
       The  array  into which this routine writes the accumulated
       GIDs for the specified user.   On  input,  this  parameter
       points to an integer that represents the maximum number of
       entries allowed for the buffer array.  When  this  routine
       returns, it updates this value to be the number of entries
       which were found. On failure, the value is  indeterminate.

DESCRIPTION    [Toc]    [Back]

       The  sia_get_groups() routine is called to obtain a user's
       group array.

RETURN VALUES    [Toc]    [Back]

       This routine returns SIA_SUCCESS if all the incoming arguments
  are  correct (non-null pointers, non-null username,
       and *ngroups must be positive), and if none of the configured
  mechanism  functions for group processing returned a
       fatal error.  Finding more than *ngroups GIDs for the user
       is  one  such fatal error, and is the only one defined for
       all mechanisms.  If a fatal error is encountered in one of
       the    configured   mechanisms,   this   routine   returns
       SIAFAIL|SIASTOP.  If there are parameter errors, or  if  a
       getgrent_r call fails, this routine returns SIAFAIL.

ERRORS    [Toc]    [Back]

       While errno will usually be propagated from whatever other
       calls failed, this routine will return with errno  explicitly
  set for the following conditions: One of the pointer
       arguments was NULL.  *username was 0, or *ngroups was  not
       positive.   Thread  context  failure  while  scanning  for
       groups.

EXAMPLES    [Toc]    [Back]

       A typical call to obtain a user's group array follows:

            #include <sia.h>
               int ngroups;
               gid_t groups[NGROUPS];
               struct passwd *pw;
               extern char *username;

               pw = getpwnam(username);
               if (pw == NULL)
                       return 0;
               ngroups = NGROUPS;
               if (sia_get_groups(username,  pw->pw_gid,  groups,
       &ngroups)
                   != SIASUCCESS)
                       return 0;

               /* process group array here */

FILES    [Toc]    [Back]

       /etc/sia/matrix.conf

SEE ALSO    [Toc]    [Back]

       getgrent(3),         matrix.conf(4),        initgroups(3),
       siad_get_groups(3) _sia_isagroup(3)

       Security



                                                sia_get_groups(3)