root/maint/gnulib/lib/priv-set.c

/* [previous][next][first][last][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. priv_set_initialize
  2. priv_set_ismember
  3. priv_set_remove
  4. priv_set_restore

   1 /* Query, remove, or restore a Solaris privilege.
   2 
   3    Copyright (C) 2009-2021 Free Software Foundation, Inc.
   4 
   5    This program is free software: you can redistribute it and/or modify
   6    it under the terms of the GNU General Public License as published by
   7    the Free Software Foundation; either version 3 of the License, or
   8    (at your option) any later version.
   9 
  10    This program is distributed in the hope that it will be useful,
  11    but WITHOUT ANY WARRANTY; without even the implied warranty of
  12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13    GNU General Public License for more details.
  14 
  15    You should have received a copy of the GNU General Public License
  16    along with this program.  If not, see <https://www.gnu.org/licenses/>.
  17 
  18    Written by David Bartley.  */
  19 
  20 #include <config.h>
  21 
  22 #define PRIV_SET_INLINE _GL_EXTERN_INLINE
  23 
  24 #include "priv-set.h"
  25 
  26 #if HAVE_GETPPRIV && HAVE_PRIV_H
  27 
  28 # include <errno.h>
  29 # include <stdbool.h>
  30 # include <priv.h>
  31 
  32 /* Holds a (cached) copy of the effective set.  */
  33 static priv_set_t *eff_set;
  34 
  35 /* Holds a set of privileges that we have removed.  */
  36 static priv_set_t *rem_set;
  37 
  38 static bool initialized;
  39 
  40 static int
  41 priv_set_initialize (void)
     /* [previous][next][first][last][top][bottom][index][help] */
  42 {
  43   if (! initialized)
  44     {
  45       eff_set = priv_allocset ();
  46       if (!eff_set)
  47         {
  48           return -1;
  49         }
  50       rem_set = priv_allocset ();
  51       if (!rem_set)
  52         {
  53           priv_freeset (eff_set);
  54           return -1;
  55         }
  56       if (getppriv (PRIV_EFFECTIVE, eff_set) != 0)
  57         {
  58           priv_freeset (eff_set);
  59           priv_freeset (rem_set);
  60           return -1;
  61         }
  62       priv_emptyset (rem_set);
  63       initialized = true;
  64     }
  65 
  66   return 0;
  67 }
  68 
  69 
  70 /* Check if priv is in the effective set.
  71    Returns 1 if priv is a member and 0 if not.
  72    Returns -1 on error with errno set appropriately.  */
  73 int
  74 priv_set_ismember (const char *priv)
     /* [previous][next][first][last][top][bottom][index][help] */
  75 {
  76   if (! initialized && priv_set_initialize () != 0)
  77     return -1;
  78 
  79   return priv_ismember (eff_set, priv);
  80 }
  81 
  82 
  83 /* Try to remove priv from the effective set.
  84    Returns 0 if priv was removed.
  85    Returns -1 on error with errno set appropriately.  */
  86 int
  87 priv_set_remove (const char *priv)
     /* [previous][next][first][last][top][bottom][index][help] */
  88 {
  89   if (! initialized && priv_set_initialize () != 0)
  90     return -1;
  91 
  92   if (priv_ismember (eff_set, priv))
  93     {
  94       /* priv_addset/priv_delset can only fail if priv is invalid, which is
  95          checked above by the priv_ismember call.  */
  96       priv_delset (eff_set, priv);
  97       if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
  98         {
  99           priv_addset (eff_set, priv);
 100           return -1;
 101         }
 102       priv_addset (rem_set, priv);
 103     }
 104   else
 105     {
 106       errno = EINVAL;
 107       return -1;
 108     }
 109 
 110   return 0;
 111 }
 112 
 113 
 114 /* Try to restore priv to the effective set.
 115    Returns 0 if priv was re-added to the effective set (after being previously
 116    removed by a call to priv_set_remove).
 117    Returns -1 on error with errno set appropriately.  */
 118 int
 119 priv_set_restore (const char *priv)
     /* [previous][next][first][last][top][bottom][index][help] */
 120 {
 121   if (! initialized && priv_set_initialize () != 0)
 122     return -1;
 123 
 124   if (priv_ismember (rem_set, priv))
 125     {
 126       /* priv_addset/priv_delset can only fail if priv is invalid, which is
 127          checked above by the priv_ismember call.  */
 128       priv_addset (eff_set, priv);
 129       if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
 130         {
 131           priv_delset (eff_set, priv);
 132           return -1;
 133         }
 134       priv_delset (rem_set, priv);
 135     }
 136   else
 137     {
 138       errno = EINVAL;
 139       return -1;
 140     }
 141 
 142   return 0;
 143 }
 144 
 145 #endif

/* [previous][next][first][last][top][bottom][index][help] */