summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/privs.c35
1 files changed, 21 insertions, 14 deletions
diff --git a/lib/privs.c b/lib/privs.c
index f3a15cea..71e2c7fe 100644
--- a/lib/privs.c
+++ b/lib/privs.c
@@ -176,7 +176,7 @@ zprivs_init(struct zebra_privs_t *zprivs)
if (!zprivs)
{
- zlog_err ("zprivs_init: called with NULL arg!");
+ fprintf (stderr, "zprivs_init: called with NULL arg!\n");
exit (1);
}
@@ -197,7 +197,9 @@ zprivs_init(struct zebra_privs_t *zprivs)
}
else
{
- zlog_err ("privs_init: could not lookup supplied user");
+ /* cant use log.h here as it depends on vty */
+ fprintf (stderr, "privs_init: could not lookup user %s\n",
+ zprivs->user);
exit (1);
}
}
@@ -212,14 +214,15 @@ zprivs_init(struct zebra_privs_t *zprivs)
zprivs_state.vtygrp = grentry->gr_gid;
if ( setgroups (1, &zprivs_state.vtygrp) )
{
- zlog_err ("privs_init: could not setgroups, %s",
+ fprintf (stderr, "privs_init: could not setgroups, %s\n",
strerror (errno) );
exit (1);
}
}
else
{
- zlog_err ("privs_init: could not lookup supplied user");
+ fprintf (stderr, "privs_init: could not lookup vty group %s\n",
+ zprivs->vty_group);
exit (1);
}
}
@@ -232,13 +235,14 @@ zprivs_init(struct zebra_privs_t *zprivs)
}
else
{
- zlog_err ("privs_init: could not lookup supplied user");
+ fprintf (stderr, "privs_init: could not lookup group %s\n",
+ zprivs->group);
exit (1);
}
/* change group now, forever. uid we do later */
if ( setregid (zprivs_state.zgid, zprivs_state.zgid) )
{
- zlog_err ("zprivs_init: could not setregid, %s",
+ fprintf (stderr, "zprivs_init: could not setregid, %s\n",
strerror (errno) );
exit (1);
}
@@ -253,19 +257,20 @@ zprivs_init(struct zebra_privs_t *zprivs)
/* Tell kernel we want caps maintained across uid changes */
if ( prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1 )
{
- zlog_err("privs_init: could not set PR_SET_KEEPCAPS, %s",
+ fprintf (stderr, "privs_init: could not set PR_SET_KEEPCAPS, %s\n",
strerror (errno) );
exit(1);
}
if ( !zprivs_state.syscaps_p )
{
- zlog_warn ("privs_init: capabilities enabled, but no capabilities supplied");
+ fprintf (stderr, "privs_init: capabilities enabled, but no capabilities supplied\n");
}
if ( !(zprivs_state.caps = cap_init()) )
{
- zlog_err ("privs_init: failed to cap_init, %s", strerror (errno) );
+ fprintf (stderr, "privs_init: failed to cap_init, %s\n",
+ strerror (errno));
exit (1);
}
@@ -274,15 +279,16 @@ zprivs_init(struct zebra_privs_t *zprivs)
{
if ( setreuid (zprivs_state.zuid, zprivs_state.zuid) )
{
- zlog_err ("zprivs_init (cap): could not setreuid, %s",
- strerror (errno) );
+ fprintf (stderr, "zprivs_init (cap): could not setreuid, %s\n",
+ strerror (errno));
exit (1);
}
}
if ( cap_clear (zprivs_state.caps) )
{
- zlog_err ("privs_init: failed to cap_clear, %s", strerror (errno));
+ fprintf (stderr, "privs_init: failed to cap_clear, %s\n",
+ strerror (errno));
exit (1);
}
@@ -304,7 +310,7 @@ zprivs_init(struct zebra_privs_t *zprivs)
*/
if ( cap_set_proc (zprivs_state.caps) )
{
- zlog_err ("privs_init: initial cap_set_proc failed");
+ fprintf (stderr, "privs_init: initial cap_set_proc failed\n");
exit (1);
}
@@ -322,7 +328,8 @@ zprivs_init(struct zebra_privs_t *zprivs)
{
if ( setreuid (-1, zprivs_state.zuid) )
{
- zlog_err ("privs_init (uid): could not setreuid, %s", strerror (errno));
+ fprintf (stderr, "privs_init (uid): could not setreuid, %s\n",
+ strerror (errno));
exit (1);
}
}