Diffstat (limited to 'src/charon/daemon.h')
-rw-r--r-- | src/charon/daemon.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/charon/daemon.h b/src/charon/daemon.h
index c442094ff..b7edad862 100644
--- a/src/charon/daemon.h
+++ b/src/charon/daemon.h
@@ -332,6 +332,8 @@ typedef struct daemon_t daemon_t;
 */
 #define SECRETS_FILE CONFIG_DIR "/ipsec.secrets"
 
+#define IPSEC_USER "nobody"
+
 /**
 * @brief Main class of daemon, contains some globals.
 *
@@ -419,6 +421,15 @@ struct daemon_t {
 interface_manager_t *interfaces;
 
 /**
+ * @brief Let the calling thread drop its capabilities.
+ *
+ * @param this calling daemon
+ * @param netlink TRUE to keep CAP_NET_ADMIN (using netlink)
+ * @param bind TRUE to keep CAP_NET_BIND_SERVICE and CAP_NET_RAW
+ */
+ void (*drop_capabilities) (daemon_t *this, bool netlink, bool bind);
+
+ /**
 * @brief Shut down the daemon.
 *
 * @param this the daemon to kill |
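Review bot: `IPSEC_USER` is added without a doc comment, although `SECRETS_FILE` directly above it has one, and the hard-coded value `"nobody"` needs a justification. `nobody` is commonly shared with other unprivileged services, so processes running under it can usually signal or inspect each other, and any file the daemon must own after the switch becomes reachable by them as well. A dedicated account that the build can override (for example by wrapping the define in `#ifndef IPSEC_USER`) would isolate the daemon better. A comment such as `/** @brief Unprivileged account the daemon is meant to run as */` would help, but the use of the macro is not visible in this hunk, so confirm that reading first.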
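Review bot: `drop_capabilities` returns `void`, so a caller cannot tell whether the capability set was actually reduced. The doc comment should state what happens on failure (presumably the daemon must not keep running with its full set), or the member should return a status. The comment says "calling thread"; since Linux capabilities are per thread, a line such as ` * Has to be called by every thread, capabilities are not dropped process-wide.` would make the contract explicit, if that is the intent. The declaration also does not say whether the call switches to `IPSEC_USER`. `struct daemon_t` continues outside the hunk and the implementation is not shown here.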