diff options
author | pjd <pjd@FreeBSD.org> | 2011-01-28 22:33:47 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2011-01-28 22:33:47 +0000 |
commit | 1d4238ea6d7bb3df80ae2d80f0563eb3b688c32f (patch) | |
tree | 9e1f37d4547c7063d6f249104a2aa450d7ef0cdb /sbin/hastd/subr.h | |
parent | b28599779707d219cdb016a8fbde16168a52faed (diff) | |
download | FreeBSD-src-1d4238ea6d7bb3df80ae2d80f0563eb3b688c32f.zip FreeBSD-src-1d4238ea6d7bb3df80ae2d80f0563eb3b688c32f.tar.gz |
Implement function that drops privileges by:
- chrooting to /var/empty (user hast home directory),
- setting groups to 'hast' (user hast primary group),
- setting real group id, effective group id and saved group id to 'hast',
- setting real user id, effective user id and saved user id to 'hast'.
At the end verify that those operations where successfull.
MFC after: 1 week
Diffstat (limited to 'sbin/hastd/subr.h')
-rw-r--r-- | sbin/hastd/subr.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sbin/hastd/subr.h b/sbin/hastd/subr.h index c486f5c..913d2a4 100644 --- a/sbin/hastd/subr.h +++ b/sbin/hastd/subr.h @@ -47,5 +47,6 @@ int provinfo(struct hast_resource *res, bool dowrite); const char *role2str(int role); +int drop_privs(void); #endif /* !_SUBR_H_ */ |