#include "log.h"
#include "privs.h"
#include "memory.h"
+#include "lib_errors.h"
#ifdef HAVE_CAPABILITIES
if (cap_get_flag(zprivs_state.caps,
zprivs_state.syscaps_p->caps[i], CAP_EFFECTIVE,
&val)) {
- zlog_warn(
+ flog_err(
+ EC_LIB_SYSTEM_CALL,
"zprivs_state_caps: could not cap_get_flag, %s",
safe_strerror(errno));
return ZPRIVS_UNKNOWN;
}
#endif /* HAVE_GETGROUPLIST */
+struct zebra_privs_t *_zprivs_raise(struct zebra_privs_t *privs,
+ const char *funcname)
+{
+ int save_errno = errno;
+
+ if (!privs)
+ return NULL;
+
+ errno = 0;
+ if (privs->change(ZPRIVS_RAISE)) {
+ zlog_err("%s: Failed to raise privileges (%s)",
+ funcname, safe_strerror(errno));
+ }
+ errno = save_errno;
+ privs->raised_in_funcname = funcname;
+ return privs;
+}
+
+void _zprivs_lower(struct zebra_privs_t **privs)
+{
+ int save_errno = errno;
+
+ if (!*privs)
+ return;
+
+ errno = 0;
+ if ((*privs)->change(ZPRIVS_LOWER)) {
+ zlog_err("%s: Failed to lower privileges (%s)",
+ (*privs)->raised_in_funcname, safe_strerror(errno));
+ }
+ errno = save_errno;
+ (*privs)->raised_in_funcname = NULL;
+ *privs = NULL;
+}
+
void zprivs_preinit(struct zebra_privs_t *zprivs)
{
struct passwd *pwentry = NULL;
projects / mirror_frr.git / blobdiff