2003-06-04 Paul Jakma <paul@dishone.st>
* Merge of zebra privileges
diff --git a/zebra/kernel_socket.c b/zebra/kernel_socket.c
index 17893a8..30e0fb1 100644
--- a/zebra/kernel_socket.c
+++ b/zebra/kernel_socket.c
@@ -31,11 +31,14 @@
#include "str.h"
#include "table.h"
#include "rib.h"
+#include "privs.h"
#include "zebra/interface.h"
#include "zebra/zserv.h"
#include "zebra/debug.h"
+extern struct zebra_privs_t zserv_privs;
+
/* Socket length roundup function. */
#define ROUNDUP(a) \
((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
@@ -798,16 +801,23 @@
void
routing_socket ()
{
+ if ( zserv_privs.change (ZPRIVS_RAISE) )
+ zlog_err ("routing_socket: Can't raise privileges");
+
routing_sock = socket (AF_ROUTE, SOCK_RAW, 0);
if (routing_sock < 0)
{
+ if ( zserv_privs.change (ZPRIVS_LOWER) )
+ zlog_err ("routing_socket: Can't lower privileges");
zlog_warn ("Can't init kernel routing socket");
return;
}
if (fcntl (routing_sock, F_SETFL, O_NONBLOCK) < 0)
zlog_warn ("Can't set O_NONBLOCK to routing socket");
+ if ( zserv_privs.change (ZPRIVS_LOWER) )
+ zlog_err ("routing_socket: Can't lower privileges");
/* kernel_read needs rewrite. */
thread_add_read (master, kernel_read, NULL, routing_sock);