From a936270941b204662fbc65fe1089a822c3d009e0 Mon Sep 17 00:00:00 2001 From: paul Date: Tue, 27 May 2003 09:56:50 +0000 Subject: Rivo Nurgess: - privs ports for zebra/kernel_socket.c and zebra/ipforward_solaris.c - configure fix for VTY_GROUP. Paul Jakma: add lib/debug.? - lib/zebra.h,lib/debug.{c,h}: experimental glibc backtrace support - Little tweaks and fixes to lib/privs.? - ospfd/ospf_main.c: tweaks, add experimental backtrace suppor (glibc only) - Cleanup configure.ac IPv6 handling. - remove acconfig.h - update cvsignore's - tweaks to redhat spec file, add users/groups --- zebra/kernel_socket.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'zebra/kernel_socket.c') diff --git a/zebra/kernel_socket.c b/zebra/kernel_socket.c index 17893a87..30e0fb1d 100644 --- a/zebra/kernel_socket.c +++ b/zebra/kernel_socket.c @@ -31,11 +31,14 @@ #include "str.h" #include "table.h" #include "rib.h" +#include "privs.h" #include "zebra/interface.h" #include "zebra/zserv.h" #include "zebra/debug.h" +extern struct zebra_privs_t zserv_privs; + /* Socket length roundup function. */ #define ROUNDUP(a) \ ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) @@ -798,16 +801,23 @@ kernel_read (struct thread *thread) void routing_socket () { + if ( zserv_privs.change (ZPRIVS_RAISE) ) + zlog_err ("routing_socket: Can't raise privileges"); + routing_sock = socket (AF_ROUTE, SOCK_RAW, 0); if (routing_sock < 0) { + if ( zserv_privs.change (ZPRIVS_LOWER) ) + zlog_err ("routing_socket: Can't lower privileges"); zlog_warn ("Can't init kernel routing socket"); return; } if (fcntl (routing_sock, F_SETFL, O_NONBLOCK) < 0) zlog_warn ("Can't set O_NONBLOCK to routing socket"); + if ( zserv_privs.change (ZPRIVS_LOWER) ) + zlog_err ("routing_socket: Can't lower privileges"); /* kernel_read needs rewrite. */ thread_add_read (master, kernel_read, NULL, routing_sock); -- cgit v1.2.3