summaryrefslogtreecommitdiff
path: root/lib/privs.c
AgeCommit message (Collapse)Author
2006-03-30[lib/privs] Changing user IDs should be done before dropping privilegesPaul Jakma
2006-03-14 Paul Jakma <paul.jakma@sun.com> * privs.c: (zprivs_caps_init) Change user IDs before lowering privileges, while this seems to work on Linux, on Solaris it rightfully refuses due to PRIV_PROC_SETID having been dropped.
2005-11-24[privs/solaris] Fix unused variable and incorrect format string.paul
2005-11-24 Paul Jakma <paul.jakma@sun.com> * privs.c: (zcaps2sys/solaris) remove unused variable. (zprivs_state_caps/solaris) Format string missing a specifier.
2005-09-292005-09-29 Paul Jakma <paul.jakma@sun.com>paul
* configure.ac: Add the test for Solaris least-privileges. Set defines for whether capabilities are supported and whether of the linux or solaris variety. Add missing-prototypes, missing-declarations, char-subscripts and cast-qual warnings to default cflags, cause Hasso enjoys warnings, and we really should clean the remaining ones up. (ie isisd..). * (*/*main.c) Update the zebra_capabilities_t arrays in the various daemons to match the changes made in lib/privs.h. * zebra.h: Solaris capabilities requires priv.h to be included. * privs.{c,h}: Add support for Solaris Least-Privileges. privs.h: Reduce some of the abstract capabilities, which do not have rough equivalents on both systems. Rename the net related caps to _NET, as they should have been in first place. (zprivs_terminate) should take the zebra_privs_t as argument so that it can update change pointer. Add an additional privilege state, ZPRIVS_UNKNOWN. * privs.c: (various capability functions) Add Solaris privileges variants. (zprivs_state) Use privs.c specific generic types to represent various capability/privilege related types, so that each can be typedef'd as appropriate on each platform. (zprivs_null_state) static added, to hold the state the null method should report (should be raised by default, and LOWERED if zprivs_terminate has been called) (zprivs_state_null) Report back the zprivs_null_state. (cap_map) Make it able to map abstract capability to multiple system capabilities. (zcaps2sys) Map to abstract capabilities to multiple system privileges/capabilities. (zprivs_init) move capability related init to seperate function, zprivs_caps_init. (zprivs_terminate) ditto, moved to zprivs_caps_terminate. Set the change_state callback to the NULL state, so the user can continue to run and use the callbacks.
2004-11-202004-11-19 Andrew J. Schorr <ajschorr@alumni.princeton.edu>ajs
* global: Replace strerror with safe_strerror. And vtysh/vtysh.c needs to include "log.h" to pick up the declaration.
2003-06-112003-06-11 Paul Jakma <paul@dishone.st>paul
* lib/privs.h (zprivs_init): do not use zlog() as it depends on vty having been initialised (zlog calls vty_log). print to stderr directly instead.
2003-06-04Paul forgot probably to commit privs.[c|h] changes. Had to reorder includeshasso
in zebra.h to make it compile in debian.
2003-05-22Add additional system capabilitiespaul
2003-05-20Fix stray comment and using pwentry for group info.paul
2003-05-20Fix several small caps related errors.paul
2003-05-20Privilege support files for zebra.paul
Linux capabilities enabled (if libcap is enabled).