*/
#include <zebra.h>
+#include "privs.h"
#ifdef NRL
#include <netinet6/in6.h>
#define MIB_SIZ 4
+extern struct zebra_privs_t zserv_privs;
+
/* IPv4 forwarding control MIB. */
int mib[MIB_SIZ] =
{
int ipforwarding = 1;
len = sizeof ipforwarding;
- if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
+ if (zserv_privs.change(ZPRIVS_RAISE))
+ zlog (NULL, LOG_ERR, "Can't raise privileges");
+ if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
{
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
zlog_warn ("Can't set ipforwarding on");
return -1;
}
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
return ipforwarding;
}
int ipforwarding = 0;
len = sizeof ipforwarding;
- if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
+ if (zserv_privs.change(ZPRIVS_RAISE))
+ zlog (NULL, LOG_ERR, "Can't raise privileges");
+ if (sysctl (mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0)
{
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
zlog_warn ("Can't set ipforwarding on");
return -1;
}
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
return ipforwarding;
}
int ip6forwarding = 0;
len = sizeof ip6forwarding;
- if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
+ if (zserv_privs.change(ZPRIVS_RAISE))
+ zlog (NULL, LOG_ERR, "Can't raise privileges");
+ if (sysctl (mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0)
{
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
zlog_warn ("can't get ip6forwarding value");
return -1;
}
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
return ip6forwarding;
}
int ip6forwarding = 1;
len = sizeof ip6forwarding;
- if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
+ if (zserv_privs.change(ZPRIVS_RAISE))
+ zlog (NULL, LOG_ERR, "Can't raise privileges");
+ if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
{
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
zlog_warn ("can't get ip6forwarding value");
return -1;
}
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
return ip6forwarding;
}
int ip6forwarding = 0;
len = sizeof ip6forwarding;
- if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
+ if (zserv_privs.change(ZPRIVS_RAISE))
+ zlog (NULL, LOG_ERR, "Can't raise privileges");
+ if (sysctl (mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0)
{
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
zlog_warn ("can't get ip6forwarding value");
return -1;
}
+ if (zserv_privs.change(ZPRIVS_LOWER))
+ zlog (NULL, LOG_ERR, "Can't lower privileges");
return ip6forwarding;
}
#endif /* HAVE_IPV6 */