summaryrefslogtreecommitdiff
path: root/privs.c
blob: ac4ad25c337b2db978b5a9e76cefc2218e7eb07f (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

#include <unistd.h>
#include <sys/types.h>

#include "privs.h"
#include "die.h"

void drop_privileges(bool enforce, uid_t uid, gid_t gid)
{
	if (enforce) {
		if (uid == getuid())
			panic("Uid cannot be the same as the current user!\n");
		if (gid == getgid())
			panic("Gid cannot be the same as the current user!\n");
	}
	if (setgid(gid) != 0)
		panic("Unable to drop group privileges: %s!\n", strerror(errno));
	if (setuid(uid) != 0)
		panic("Unable to drop user privileges: %s!\n", strerror(errno));
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-15 04:53:39 +0000
bel'>mode:
authorRichard Guy Briggs <rbriggs@redhat.com>2016-11-29 16:53:23 -0500
committerPaul Moore <paul@paul-moore.com>2016-12-14 13:06:04 -0500
commit55a6f170a413cd8dc7a3a52e5a326e1a87579b4f (patch)
tree3e2336faf3b6e29962b20095df6d3d6c4a415608 /Documentation/iostats.txt
parent8fae47705685fcaa75a1fe4c8c3e18300a702979 (diff)
audit: move kaudit thread start from auditd registration to kaudit init (#2)
Richard made this change some time ago but Eric backed it out because the rest of the supporting code wasn't ready. In order to move the netlink multicast send to kauditd_thread we need to ensure the kauditd_thread is always running, so restore commit 6ff5e459 ("audit: move kaudit thread start from auditd registration to kaudit init"). Signed-off-by: Richard Guy Briggs <rbriggs@redhat.com> [PM: brought forward and merged based on Richard's old patch] Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'Documentation/iostats.txt')