getgid¶
Intro¶
getgid - Returns the real group ID of the calling process.
Description¶
The getgid function returns the real group ID of the calling process. This function can be used to get the group ID of a process, which is used to determine the group of the calling process. The group ID is set when the process is created, and can be modified using the setgid system call. The getgid function is a wrapper around the getgid system call.
When called, getgid returns the real group ID of the calling process. It is important to note that this function will only return the real group ID, not the effective group ID or saved group ID. The real group ID is tied to the user credentials assigned to the process when it was created.
Arguments¶
void:void- No arguments.
Available Tags¶
N/A
Hooks¶
sys_getgid¶
Type¶
Kprobe
Purpose¶
Hooks the getgid system call to capture its output.
Example Use Case¶
The getgid function could be used to capture a process' group ID. This can be useful in situations where the group ID needs to be checked to ensure that a process is running with the correct group credentials.
Issues¶
The output from the getgid function only reflects the real group ID of the process. If the effective or saved group ID of the process is desired, other system calls such as getegid, or getresgid need to be used.
Related Events¶
- setgid - Sets the real, effective and saved group IDs of the calling process.
- getegid - Gets the effective group ID of the calling process.
- getresgid - Gets the real, effective and saved group IDs of the calling process.
This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.