summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDamjan Marion <damarion@cisco.com>2017-06-21 11:57:07 +0200
committerDave Barach <openvpp@barachs.net>2017-06-21 15:22:06 +0000
commita54230d4e79e088b13f581e301846fc3e259548e (patch)
treea50d7159c7d50eb9bb62c482e856284feaefb524
parentca1936123cbe2c02521dce6c7890d66135888654 (diff)
Add knob to specify effective group id (gid) for VPP process
Change-Id: Icf9bd4abda058fb380f1a25d5fe3917ffb38b1c4 Signed-off-by: Damjan Marion <damarion@cisco.com>
-rw-r--r--src/vlib/unix/main.c7
-rw-r--r--src/vppinfra/format.h3
-rw-r--r--src/vppinfra/unix-formats.c26
3 files changed, 36 insertions, 0 deletions
diff --git a/src/vlib/unix/main.c b/src/vlib/unix/main.c
index e31ea81583e..ad1a7c3ccda 100644
--- a/src/vlib/unix/main.c
+++ b/src/vlib/unix/main.c
@@ -48,6 +48,7 @@
#include <fcntl.h>
#include <sys/time.h>
#include <sys/resource.h>
+#include <unistd.h>
/** Default CLI pager limit is not configured in startup.conf */
#define UNIX_CLI_DEFAULT_PAGER_LIMIT 100000
@@ -313,6 +314,7 @@ unix_config (vlib_main_t * vm, unformat_input_t * input)
{
unix_main_t *um = &unix_main;
clib_error_t *error = 0;
+ gid_t gid;
/* Defaults */
um->cli_pager_buffer_limit = UNIX_CLI_DEFAULT_PAGER_LIMIT;
@@ -404,6 +406,11 @@ unix_config (vlib_main_t * vm, unformat_input_t * input)
vec_free (lv);
}
}
+ else if (unformat (input, "gid %U", unformat_unix_gid, &gid))
+ {
+ if (setegid (gid) == -1)
+ return clib_error_return_unix (0, "setegid");
+ }
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, input);
diff --git a/src/vppinfra/format.h b/src/vppinfra/format.h
index bec1b6b410d..5b7023a3023 100644
--- a/src/vppinfra/format.h
+++ b/src/vppinfra/format.h
@@ -310,6 +310,9 @@ void unformat_init_unix_file (unformat_input_t * input, int file_descriptor);
/* Take input from Unix environment variable; returns
1 if variable exists zero otherwise. */
uword unformat_init_unix_env (unformat_input_t * input, char *var);
+
+/* Unformat unix group id (gid) specified as integer or string */
+unformat_function_t unformat_unix_gid;
#endif /* CLIB_UNIX */
/* Test code. */
diff --git a/src/vppinfra/unix-formats.c b/src/vppinfra/unix-formats.c
index a4c81ca2f70..91986516108 100644
--- a/src/vppinfra/unix-formats.c
+++ b/src/vppinfra/unix-formats.c
@@ -49,6 +49,7 @@
#include <unistd.h>
#include <signal.h>
+#include <grp.h>
#include <time.h>
#include <sys/socket.h>
@@ -915,4 +916,29 @@ u8 * format_ucontext_pc (u8 * s, va_list * args)
return format (s, "%p", regs[reg_no]);
}
+uword
+unformat_unix_gid (unformat_input_t * input, va_list * args)
+{
+ gid_t *gid = va_arg (*args, gid_t *);
+ struct group *grp = 0;
+ int r;
+ u8 *s;
+
+ if (unformat (input, "%d", &r))
+ {
+ grp = getgrgid (r);
+ }
+ else if (unformat (input, "%s", &s))
+ {
+ grp = getgrnam ((char *) s);
+ vec_free (s);
+ }
+ if (grp)
+ {
+ *gid = grp->gr_gid;
+ return 1;
+ }
+ return 0;
+}
+
#endif /* __KERNEL__ */