1: /*
2: * Zebra privileges header.
3: *
4: * Copyright (C) 2003 Paul Jakma.
5: *
6: * This file is part of GNU Zebra.
7: *
8: * GNU Zebra is free software; you can redistribute it and/or modify it
9: * under the terms of the GNU General Public License as published by the
10: * Free Software Foundation; either version 2, or (at your option) any
11: * later version.
12: *
13: * GNU Zebra is distributed in the hope that it will be useful, but
14: * WITHOUT ANY WARRANTY; without even the implied warranty of
15: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16: * General Public License for more details.
17: *
18: * You should have received a copy of the GNU General Public License
19: * along with GNU Zebra; see the file COPYING. If not, write to the Free
20: * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
21: * 02111-1307, USA.
22: */
23:
24: #ifndef _ZEBRA_PRIVS_H
25: #define _ZEBRA_PRIVS_H
26:
27: /* list of zebra capabilities a daemon can name in zebra_privs_t.caps_p / caps_i; how each maps to an OS privilege is decided by the implementation, which is not shown here */
28: typedef enum
29: {
30: ZCAP_SETID, /* presumably: change uid/gid -- confirm against the implementation */
31: ZCAP_BIND, /* presumably: bind privileged ports -- confirm */
32: ZCAP_NET_ADMIN,
33: ZCAP_SYS_ADMIN, /* NOTE(review): if this maps to the similarly named OS capability it is a very broad grant; request only when required */
34: ZCAP_NET_RAW,
35: ZCAP_CHROOT,
36: ZCAP_NICE,
37: ZCAP_PTRACE, /* NOTE(review): likely a broad grant, see ZCAP_SYS_ADMIN */
38: ZCAP_DAC_OVERRIDE, /* NOTE(review): likely bypasses file permission checks; broad grant -- confirm */
39: ZCAP_READ_SEARCH,
40: ZCAP_FOWNER,
41: ZCAP_MAX /* last enumerator (value 11); presumably a count/sentinel rather than a capability to request -- confirm */
42: } zebra_capabilities_t;
43:
44: typedef enum /* privilege state; return type of zebra_privs_t.current_state */
45: {
46: ZPRIVS_LOWERED, /* presumably: privileges currently dropped */
47: ZPRIVS_RAISED, /* presumably: privileges currently held */
48: ZPRIVS_UNKNOWN, /* NOTE(review): looks like "state could not be determined"; callers should not assume lowered -- confirm */
49: } zebra_privs_current_t;
50:
51: typedef enum /* operation selector; argument type of zebra_privs_t.change */
52: {
53: ZPRIVS_RAISE, /* request that privileges be raised */
54: ZPRIVS_LOWER, /* request that privileges be lowered */
55: } zebra_privs_ops_t;
56:
57: struct zebra_privs_t /* privilege description passed to zprivs_init() and zprivs_terminate() */
58: {
59: zebra_capabilities_t *caps_p; /* caps required for operation; keep this list minimal */
60: zebra_capabilities_t *caps_i; /* caps to allow inheritance of */
61: int cap_num_p; /* number of caps in arrays: presumably the element count of caps_p -- confirm */
62: int cap_num_i; /* presumably the element count of caps_i -- confirm */
63: const char *user; /* user and group to run as */
64: const char *group;
65: const char *vty_group; /* group to chown vty socket to */
66: /* methods; who assigns these pointers is not visible in this header */
67: int
68: (*change) (zebra_privs_ops_t); /* change privileges, 0 on success; NOTE(review): callers should check the result -- an ignored failure of ZPRIVS_LOWER would presumably leave privileges raised */
69: zebra_privs_current_t
70: (*current_state) (void); /* current privilege state */
71: };
72:
73: struct zprivs_ids_t /* argument type of zprivs_get_ids(); NOTE(review): uid_t/gid_t are not declared by this header, the includer must provide them first */
74: {
75: /* -1 is undefined; uid_t/gid_t may be unsigned, so test with (uid_t)-1 / (gid_t)-1 rather than < 0 */
76: uid_t uid_priv; /* privileged uid */
77: uid_t uid_normal; /* normal uid */
78: gid_t gid_priv; /* privileged gid */
79: gid_t gid_normal; /* normal gid */
80: gid_t gid_vty; /* vty gid */
81: };
82:
83: /* initialise zebra privileges from the given description; returns void, so how a failure is signalled is not visible in this header */
84: extern void zprivs_init (struct zebra_privs_t *zprivs);
85: /* drop all and terminate privileges; returns void, no status is reported to the caller */
86: extern void zprivs_terminate (struct zebra_privs_t *);
87: /* query for runtime uids and gids, e.g. vty needs this; presumably the result is written through the pointer -- confirm */
88: extern void zprivs_get_ids(struct zprivs_ids_t *);
89:
90: #endif /* _ZEBRA_PRIVS_H */