--- /dev/null
+/* -*- buffer-read-only: t -*- vi: set ro: */
+/* DO NOT EDIT! GENERATED AUTOMATICALLY! */
+/* Query, remove, or restore a Solaris privilege.
+
+ Copyright (C) 2009, 2010 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ Written by David Bartley. */
+
+#include <config.h>
+#include "priv-set.h"
+
+#if HAVE_GETPPRIV
+
+# include <errno.h>
+# include <stdbool.h>
+# include <priv.h>
+
+/* Holds a (cached) copy of the effective set. */
+static priv_set_t *eff_set;
+
+/* Holds a set of privileges that we have removed. */
+static priv_set_t *rem_set;
+
+static bool initialized;
+
+static int
+priv_set_initialize (void)
+{
+ if (! initialized)
+ {
+ eff_set = priv_allocset ();
+ if (!eff_set)
+ {
+ return -1;
+ }
+ rem_set = priv_allocset ();
+ if (!rem_set)
+ {
+ priv_freeset (eff_set);
+ return -1;
+ }
+ if (getppriv (PRIV_EFFECTIVE, eff_set) != 0)
+ {
+ priv_freeset (eff_set);
+ priv_freeset (rem_set);
+ return -1;
+ }
+ priv_emptyset (rem_set);
+ initialized = true;
+ }
+
+ return 0;
+}
+
+
+/* Check if priv is in the effective set.
+ Returns 1 if priv is a member and 0 if not.
+ Returns -1 on error with errno set appropriately. */
+int
+priv_set_ismember (const char *priv)
+{
+ if (! initialized && priv_set_initialize () != 0)
+ return -1;
+
+ return priv_ismember (eff_set, priv);
+}
+
+
+/* Try to remove priv from the effective set.
+ Returns 0 if priv was removed from or was not present in the effective set.
+ Returns -1 on error with errno set appropriately. */
+int
+priv_set_remove (const char *priv)
+{
+ if (! initialized && priv_set_initialize () != 0)
+ return -1;
+
+ if (priv_ismember (eff_set, priv))
+ {
+ /* priv_addset/priv_delset can only fail if priv is invalid, which is
+ checked above by the priv_ismember call. */
+ priv_delset (eff_set, priv);
+ if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
+ {
+ priv_addset (eff_set, priv);
+ return -1;
+ }
+ priv_addset (rem_set, priv);
+ }
+ else
+ {
+ errno = EINVAL;
+ return -1;
+ }
+
+ return 0;
+}
+
+
+/* Try to restore priv to the effective set.
+ Returns 0 if priv was re-added to the effective set (after being prviously
+ removed by a call to priv_set_remove) or if priv was already in the
+ effective set.
+ Returns -1 on error with errno set appropriately. */
+int
+priv_set_restore (const char *priv)
+{
+ if (! initialized && priv_set_initialize () != 0)
+ return -1;
+
+ if (priv_ismember (rem_set, priv))
+ {
+ /* priv_addset/priv_delset can only fail if priv is invalid, which is
+ checked above by the priv_ismember call. */
+ priv_addset (eff_set, priv);
+ if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
+ {
+ priv_delset (eff_set, priv);
+ return -1;
+ }
+ priv_delset (rem_set, priv);
+ }
+ else
+ {
+ errno = EINVAL;
+ return -1;
+ }
+
+ return 0;
+}
+
+#endif
projects / tar / blobdiff