![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab32485)
raw | patch | inline | side by side (parent: ab32485)
| author | Marc Fournier <marc.fournier@camptocamp.com> | |
| Tue, 26 Jan 2016 17:14:09 +0000 (18:14 +0100) | ||
| committer | Marc Fournier <marc.fournier@camptocamp.com> | |
| Wed, 10 Aug 2016 06:05:33 +0000 (08:05 +0200) |
This is largely inspired by the capability check done in
src/turbostat.c, so most of the credits go to Vincent Brillault.
src/turbostat.c, so most of the credits go to Vincent Brillault.
| src/daemon/common.c | patch | blob | history | |
| src/daemon/common.h | patch | blob | history |
diff --git a/src/daemon/common.c b/src/daemon/common.c
index c4dbecbec9cb8c9c4d883d9b11def27ca1316390..3e2db15a78a4230beaa8eb037b1763169c84df7c 100644 (file)
--- a/src/daemon/common.c
+++ b/src/daemon/common.c
# include <arpa/inet.h>
#endif
+#ifdef HAVE_SYS_CAPABILITY_H
+# include <sys/capability.h>
+#endif
+
#ifdef HAVE_LIBKSTAT
extern kstat_ctl_t *kc;
#endif
sfree (array[i]);
sfree (array);
} /* }}} void strarray_free */
+
+#ifdef HAVE_SYS_CAPABILITY_H
+int check_capability (int capability) /* {{{ */
+{
+ struct __user_cap_header_struct cap_header_data;
+ cap_user_header_t cap_header = &cap_header_data;
+ struct __user_cap_data_struct cap_data_data;
+ cap_user_data_t cap_data = &cap_data_data;
+
+ cap_header->pid = getpid();
+ cap_header->version = _LINUX_CAPABILITY_VERSION;
+ if (capget(cap_header, cap_data) < 0)
+ {
+ ERROR("check_capability: capget failed");
+ return (-1);
+ }
+
+ if ((cap_data->effective & (1 << capability)) == 0)
+ return (-1);
+ else
+ return (0);
+} /* }}} int check_capability */
+#endif
diff --git a/src/daemon/common.h b/src/daemon/common.h
index 5ad2b50dc9d78778fb8b20f1577c3c6d33c48779..720e5f1bc0a408f097fe1d586b5bbb26dda9bcce 100644 (file)
--- a/src/daemon/common.h
+++ b/src/daemon/common.h
int strarray_add (char ***ret_array, size_t *ret_array_len, char const *str);
void strarray_free (char **array, size_t array_len);
+#ifdef HAVE_SYS_CAPABILITY_H
+/** Check if the current process benefits from the capability passed in
+ * argument. Returns zero if it does, less than zero if it doesn't or on error.
+ * See capabilities(7) for the list of possible capabilities.
+ * */
+int check_capability (int capability);
+#endif /* HAVE_SYS_CAPABILITY_H */
+
#endif /* COMMON_H */