summaryrefslogtreecommitdiff
path: root/ripd/rip_main.c
diff options
context:
space:
mode:
Diffstat (limited to 'ripd/rip_main.c')
-rw-r--r--ripd/rip_main.c29
1 files changed, 28 insertions, 1 deletions
diff --git a/ripd/rip_main.c b/ripd/rip_main.c
index 5e560524..9526d7ae 100644
--- a/ripd/rip_main.c
+++ b/ripd/rip_main.c
@@ -30,6 +30,7 @@
#include "filter.h"
#include "keychain.h"
#include "log.h"
+#include "privs.h"
#include "ripd/ripd.h"
@@ -43,10 +44,31 @@ static struct option longopts[] =
{ "vty_addr", required_argument, NULL, 'A'},
{ "vty_port", required_argument, NULL, 'P'},
{ "retain", no_argument, NULL, 'r'},
+ { "user", required_argument, NULL, 'u'},
{ "version", no_argument, NULL, 'v'},
{ 0 }
};
+/* ripd privileges */
+zebra_capabilities_t _caps_p [] =
+{
+ ZCAP_RAW,
+ ZCAP_BIND
+};
+
+struct zebra_privs_t ripd_privs =
+{
+#if defined(ZEBRA_USER)
+ .user = ZEBRA_USER,
+#endif
+#if defined ZEBRA_GROUP
+ .group = ZEBRA_GROUP,
+#endif
+ .caps_p = _caps_p,
+ .cap_num_p = 2,
+ .cap_num_i = 0
+};
+
/* Configuration file and directory. */
char config_current[] = RIPD_DEFAULT_CONFIG;
char config_default[] = SYSCONFDIR RIPD_DEFAULT_CONFIG;
@@ -85,6 +107,7 @@ Daemon which manages RIP version 1 and 2.\n\n\
-A, --vty_addr Set vty's bind address\n\
-P, --vty_port Set vty's port number\n\
-r, --retain When program terminates, retain added route by ripd.\n\
+-u, --user User and group to run as\n\
-v, --version Print program version\n\
-h, --help Display this help and exit\n\
\n\
@@ -189,7 +212,7 @@ main (int argc, char **argv)
{
int opt;
- opt = getopt_long (argc, argv, "df:hA:P:rv", longopts, 0);
+ opt = getopt_long (argc, argv, "df:hA:P:u:rv", longopts, 0);
if (opt == EOF)
break;
@@ -224,6 +247,9 @@ main (int argc, char **argv)
case 'r':
retain_mode = 1;
break;
+ case 'u':
+ ripd_privs.group = ripd_privs.user = optarg;
+ break;
case 'v':
print_version (progname);
exit (0);
@@ -241,6 +267,7 @@ main (int argc, char **argv)
master = thread_master_create ();
/* Library initialization. */
+ zprivs_init (&ripd_privs);
signal_init ();
cmd_init (1);
vty_init ();