privconfig.h File Reference
Airframe Privilege Configuration Support. More...
#include <airframe/autoinc.h>
#include <airframe/airopt.h>
Go to the source code of this file.
Defines | |
#define | PRIVC_ERROR_DOMAIN g_quark_from_string("airframePrivilegeError") |
GError domain for privconfig errors. | |
#define | PRIVC_ERROR_SETUP 1 |
Privconfig setup error. | |
#define | PRIVC_ERROR_FAILED 2 |
Privilege drop error. | |
#define | PRIVC_ERROR_ALREADY 3 |
Couldn't drop privilege because privilege already dropped. | |
#define | PRIVC_ERROR_NODROP 4 |
Won't drop privilege because not running as root. | |
Functions | |
gboolean | privc_add_option_group (AirOptionCtx *aoctx) |
Return an option group for privilege configuration. | |
gboolean | privc_setup (GError **err) |
Set up privilege configuration. | |
gboolean | privc_configured () |
Determine if the user wants to drop privileges. | |
gboolean | privc_become (GError **err) |
Drop privileges if necessary. |
Detailed Description
Airframe Privilege Configuration Support.Supplies privilege dropping for post-root initialization reduction of privileges (e.g. for live packet capture applications) and the command line option processing necessary to use it. Use this when you want to drop privileges after doing one-time setup as root.
Define Documentation
|
Privconfig setup error. Signifies that setup failed because of bad command line options. |
Function Documentation
|
Return an option group for privilege configuration. This option group defines two options: --become-user (-U) to become a specified user by name, and --become-group to additionally specify a group to become (otherwise, drops privileges to the given user's default group.)
|
|
Drop privileges if necessary. Returns TRUE if not running as root. Returns FALSE if running as root with no --become-user option with PRIVC_ERROR_NODROP, or if privc_become() was already called succsssfully with PRIVC_ERROR_ALREADY. If for some reason a required privilege drop fails, returns FALSE with PRIVC_ERROR_FAILED.
|
|
Determine if the user wants to drop privileges. Use this to determine whether warn the user if the application will not call priv_become() due to some application-specific state.
|
|
Set up privilege configuration. Call this after parsing an options context including a GOptionGroup returned from privc_option_group(). This sets up internal state used by the other privconfig calls.
|