From edd7c245d3a77012abf801da00d5664ebaa5f749 Mon Sep 17 00:00:00 2001
From: paul <paul>
Date: Wed, 4 Jun 2003 13:59:38 +0000
Subject: 2003-06-04 Paul Jakma <paul@dishone.st>

	* Merge of zebra privileges
---
 lib/Makefile.am |  7 ++++---
 lib/memory.h    |  2 ++
 lib/vty.c       | 16 +++++++++++++++-
 lib/zebra.h     |  6 ++++++
 4 files changed, 27 insertions(+), 4 deletions(-)

(limited to 'lib')

diff --git a/lib/Makefile.am b/lib/Makefile.am
index 02680603..d041770d 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -10,9 +10,9 @@ libzebra_a_SOURCES = \
 	print_version.c checksum.c vector.c linklist.c vty.c command.c \
 	sockunion.c prefix.c thread.c if.c memory.c buffer.c table.c hash.c \
 	filter.c routemap.c distribute.c stream.c str.c log.c plist.c \
-	zclient.c sockopt.c smux.c md5.c if_rmap.c keychain.c
+	zclient.c sockopt.c smux.c md5.c if_rmap.c keychain.c privs.c debug.c
 
-libzebra_a_DEPENDENCIES = @LIB_REGEX@
+libzebra_a_DEPENDENCIES = @LIB_REGEX@ @LIBCAP@
 
 libzebra_a_LIBADD = @LIB_REGEX@
 
@@ -20,7 +20,8 @@ noinst_HEADERS = \
 	buffer.h command.h filter.h getopt.h hash.h if.h linklist.h log.h \
 	memory.h network.h prefix.h routemap.h distribute.h sockunion.h \
 	str.h stream.h table.h thread.h vector.h version.h vty.h zebra.h \
-	plist.h zclient.h sockopt.h smux.h md5-gnu.h if_rmap.h keychain.h
+	plist.h zclient.h sockopt.h smux.h md5-gnu.h if_rmap.h keychain.h \
+	privs.h debug.h
 
 EXTRA_DIST = regex.c regex-gnu.h
 
diff --git a/lib/memory.h b/lib/memory.h
index a38cda3f..925f6b65 100644
--- a/lib/memory.h
+++ b/lib/memory.h
@@ -189,6 +189,8 @@ enum
 
   MTYPE_VRF,
   MTYPE_VRF_NAME,
+  
+  MTYPE_PRIVS,
 
   MTYPE_MAX
 };
diff --git a/lib/vty.c b/lib/vty.c
index 5ef364a0..4d6eb304 100644
--- a/lib/vty.c
+++ b/lib/vty.c
@@ -33,6 +33,7 @@
 #include "log.h"
 #include "prefix.h"
 #include "filter.h"
+#include "privs.h"
 
 /* Vty events */
 enum event 
@@ -1851,7 +1852,8 @@ vty_serv_un (char *path)
   int sock, len;
   struct sockaddr_un serv;
   mode_t old_mask;
-
+  struct zprivs_ids_t ids;
+  
   /* First of all, unlink existing socket */
   unlink (path);
 
@@ -1894,6 +1896,18 @@ vty_serv_un (char *path)
 
   umask (old_mask);
 
+  zprivs_get_ids(&ids);
+  
+  if (ids.gid_vty > 0)
+    {
+      /* set group of socket */
+      if ( chown (path, -1, ids.gid_vty) )
+        {
+          zlog_err ("vty_serv_un: could chown socket, %s",
+                     strerror (errno) );
+        }
+    }
+
   vty_event (VTYSH_SERV, sock, NULL);
 }
 
diff --git a/lib/zebra.h b/lib/zebra.h
index 62566cf8..15608dbc 100644
--- a/lib/zebra.h
+++ b/lib/zebra.h
@@ -42,6 +42,8 @@ typedef int socklen_t;
 #include <fcntl.h>
 #include <signal.h>
 #include <string.h>
+#include <pwd.h>
+#include <grp.h>
 #ifdef HAVE_STROPTS_H
 #include <stropts.h>
 #endif /* HAVE_STROPTS_H */
@@ -70,6 +72,10 @@ typedef int socklen_t;
 #ifdef HAVE_RUSAGE
 #include <sys/resource.h>
 #endif /* HAVE_RUSAGE */
+#ifdef HAVE_LCAPS
+#include <sys/capability.h>
+#include <sys/prctl.h>
+#endif /* HAVE_LCAPS */
 
 /* machine dependent includes */
 #ifdef SUNOS_5
-- 
cgit v1.2.1