2003-06-04 Paul Jakma <paul@dishone.st>
* Merge of zebra privileges
diff --git a/ripngd/Makefile.am b/ripngd/Makefile.am
index a681064..d9db576 100644
--- a/ripngd/Makefile.am
+++ b/ripngd/Makefile.am
@@ -17,7 +17,7 @@
ripngd_SOURCES = \
ripng_main.c $(libripng_a_SOURCES)
-ripngd_LDADD = -L../lib -lzebra
+ripngd_LDADD = -L../lib -lzebra @LIBCAP@
sysconf_DATA = ripngd.conf.sample
diff --git a/ripngd/ripng_main.c b/ripngd/ripng_main.c
index 44c3876..bd1972a 100644
--- a/ripngd/ripng_main.c
+++ b/ripngd/ripng_main.c
@@ -32,6 +32,7 @@
#include "log.h"
#include "prefix.h"
#include "if.h"
+#include "privs.h"
#include "ripngd/ripngd.h"
@@ -51,10 +52,32 @@
{ "vty_addr", required_argument, NULL, 'A'},
{ "vty_port", required_argument, NULL, 'P'},
{ "retain", no_argument, NULL, 'r'},
+ { "user", required_argument, NULL, 'u'},
{ "version", no_argument, NULL, 'v'},
{ 0 }
};
+/* ripngd privileges */
+zebra_capabilities_t _caps_p [] =
+{
+ ZCAP_RAW,
+ ZCAP_BIND
+};
+
+struct zebra_privs_t ripngd_privs =
+{
+#if defined(ZEBRA_USER)
+ .user = ZEBRA_USER,
+#endif
+#if defined ZEBRA_GROUP
+ .group = ZEBRA_GROUP,
+#endif
+ .caps_p = _caps_p,
+ .cap_num_p = 2,
+ .cap_num_i = 0
+};
+
+
/* RIPngd program name */
/* Route retain mode flag. */
@@ -89,6 +112,7 @@
-A, --vty_addr Set vty's bind address\n\
-P, --vty_port Set vty's port number\n\
-r, --retain When program terminates, retain added route by ripngd.\n\
+-u, --user User and group to run as\n\
-v, --version Print program version\n\
-h, --help Display this help and exit\n\
\n\
@@ -190,7 +214,7 @@
{
int opt;
- opt = getopt_long (argc, argv, "dlf:hA:P:v", longopts, 0);
+ opt = getopt_long (argc, argv, "dlf:hA:P:u:v", longopts, 0);
if (opt == EOF)
break;
@@ -228,6 +252,9 @@
case 'r':
retain_mode = 1;
break;
+ case 'u':
+ ripngd_privs.group = ripngd_privs.user = optarg;
+ break;
case 'v':
print_version (progname);
exit (0);
@@ -244,6 +271,7 @@
master = thread_master_create ();
/* Library inits. */
+ zprivs_init (&ripngd_privs);
signal_init ();
cmd_init (1);
vty_init ();