VMS::Priv - Get and set privileges for OpenVMS processes
use VMS::Priv;
Routines to return different sets of priviliges:
@names = priv_names(); $hashref = get_current_privs([pid]); $hashref = get_auth_privs([pid]); $hashref = get_process_privs([pid]); $hashref = get_image_privs([pid]); $hashref = get_default_privs([pid]) $hashref = get_settable_privs([pid])
Routines to add or remove priviliges:
$hashref = add_current_privs(\@priv_list[,permanent]); $hashref = remove_current_privs(\@priv_list[,permanent]); $hashref = set_current_privs(\@priv_list[,permanent]);
Tied Hash Interface:
tie %privtie, VMS::Priv <, pid>; %privtie{privname} = <anything>; # Add a priv %privtie{privname} = undef; # take one away defined(%privtie{privname}) # true if you currently have the priv, else false %privtie{} = (); # Remove all privs
Object Interface:
$foo = new VMS::Priv <pid>; $hashref = $foo->add(\@priv_list[,permanent]); $hashref = $foo->remove(\@priv_list[,permanent]) $hashref = $foo->set(\@priv_list[,permanent])
Get and set privileges for VMS processes. The user running the script must have sufficient privs to actually perform the act.
You can tie a hash to a pid (or to the current process' pid, if you don't specify a pid). Once you do that, you can check, add or remove privs via that hash. To add a priv, set the hash entry corresponding to the priv name to anything. To remove a priv, set the corresponding hash entry to undef. To check if you have the priv, see if the entry is defined or not.
You can use the new method to create an object for the current process. The methods add, remove and set take a reference to a list of privs and add, remove, or set the process' privs. They're currently not enourmously useful, mainly used by the tied hash interface. But they're there if you care to use them.
add
remove
set
The priv_names() function simply returns as a list of the canonical names of all the privileges VMS::Priv knows about. Note that some privileges have common aliases as well (e.g. SETPRI and ALTPRI). The VMS::Priv functions which set privileges understand these aliases as well.
priv_names()
SETPRI
ALTPRI
All other routines return a reference to a hash whose keys are the canonical names (only) of the privileges which are enabled. The get routines return the set of privs you asked for, the add/remove/set routines return the privs that you have after the call is complete.
The add/remove/set routines take as their first argument a reference to a list of keywords designating the privileges you want to affect. Case is not significant. add_current_privs() adds the list of privs to your process, remove_current_privs() takes the list of privs away from your process, and set_current_privs() gives just those privs to your process. The second argument is a Boolean value which if true specifies that these changes should persist after Perl exits; it defaults to true.
add_current_privs()
remove_current_privs()
set_current_privs()
get_settable_privs() returns a list of all the privs you can turn on. It's a combination of the process's authorized privs and the process's image privs.
get_settable_privs()
get_default_privs() returns a list of the privs the user who's process you're looking up gets by default. These may not be the default privs that were in place when the process was created. You also may bot be able to grant all the default privs to your process, since it is entirely possible to have more privs turned on by default than you have authorized. Default unauthorized privs, once dropped, are lost forever.
get_default_privs()
You can't alter the privs for any process but yourself. This is a VMS limitation, and isn't likely to change any time soon.
Under VMS 7.1, the DETACH priv has been renamed IMPERSONATE. DCL's lexical F$GETJPI, which is used in the tests, still reports DETACH, so we return DETACH instead of IMPERSONATE. (Which is more of a VMS bug, since they got the ACNT/NOACNT switch in for 7.1) IMPERSONATE's still a legitimate thing to pass, though, and VMS accepts either.
There's no test for get_default_privs, as getting them another way to test is somewhat problematic, at least for me. If someone's got code to parse out the default privs from AUTHORIZE (the use of which may be a problem in and of itself at some sites), we can add a test.
Dan Sugalski <dan@sidhe.org> Hacked up by Charles Bailey <bailey@genetics.upenn.edu> Maintained by Craig A. Berry <craigberry@mac.com>
perl(1).
To install VMS::Priv, copy and paste the appropriate command in to your terminal.
cpanm
cpanm VMS::Priv
CPAN shell
perl -MCPAN -e shell install VMS::Priv
For more information on module installation, please visit the detailed CPAN module installation guide.