diff options
author | Damjan Marion <damarion@cisco.com> | 2017-06-21 11:57:07 +0200 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2017-06-21 15:22:06 +0000 |
commit | a54230d4e79e088b13f581e301846fc3e259548e (patch) | |
tree | a50d7159c7d50eb9bb62c482e856284feaefb524 /src | |
parent | ca1936123cbe2c02521dce6c7890d66135888654 (diff) |
Add knob to specify effective group id (gid) for VPP process
Change-Id: Icf9bd4abda058fb380f1a25d5fe3917ffb38b1c4
Signed-off-by: Damjan Marion <damarion@cisco.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/vlib/unix/main.c | 7 | ||||
-rw-r--r-- | src/vppinfra/format.h | 3 | ||||
-rw-r--r-- | src/vppinfra/unix-formats.c | 26 |
3 files changed, 36 insertions, 0 deletions
diff --git a/src/vlib/unix/main.c b/src/vlib/unix/main.c index e31ea81583e..ad1a7c3ccda 100644 --- a/src/vlib/unix/main.c +++ b/src/vlib/unix/main.c @@ -48,6 +48,7 @@ #include <fcntl.h> #include <sys/time.h> #include <sys/resource.h> +#include <unistd.h> /** Default CLI pager limit is not configured in startup.conf */ #define UNIX_CLI_DEFAULT_PAGER_LIMIT 100000 @@ -313,6 +314,7 @@ unix_config (vlib_main_t * vm, unformat_input_t * input) { unix_main_t *um = &unix_main; clib_error_t *error = 0; + gid_t gid; /* Defaults */ um->cli_pager_buffer_limit = UNIX_CLI_DEFAULT_PAGER_LIMIT; @@ -404,6 +406,11 @@ unix_config (vlib_main_t * vm, unformat_input_t * input) vec_free (lv); } } + else if (unformat (input, "gid %U", unformat_unix_gid, &gid)) + { + if (setegid (gid) == -1) + return clib_error_return_unix (0, "setegid"); + } else return clib_error_return (0, "unknown input `%U'", format_unformat_error, input); diff --git a/src/vppinfra/format.h b/src/vppinfra/format.h index bec1b6b410d..5b7023a3023 100644 --- a/src/vppinfra/format.h +++ b/src/vppinfra/format.h @@ -310,6 +310,9 @@ void unformat_init_unix_file (unformat_input_t * input, int file_descriptor); /* Take input from Unix environment variable; returns 1 if variable exists zero otherwise. */ uword unformat_init_unix_env (unformat_input_t * input, char *var); + +/* Unformat unix group id (gid) specified as integer or string */ +unformat_function_t unformat_unix_gid; #endif /* CLIB_UNIX */ /* Test code. */ diff --git a/src/vppinfra/unix-formats.c b/src/vppinfra/unix-formats.c index a4c81ca2f70..91986516108 100644 --- a/src/vppinfra/unix-formats.c +++ b/src/vppinfra/unix-formats.c @@ -49,6 +49,7 @@ #include <unistd.h> #include <signal.h> +#include <grp.h> #include <time.h> #include <sys/socket.h> @@ -915,4 +916,29 @@ u8 * format_ucontext_pc (u8 * s, va_list * args) return format (s, "%p", regs[reg_no]); } +uword +unformat_unix_gid (unformat_input_t * input, va_list * args) +{ + gid_t *gid = va_arg (*args, gid_t *); + struct group *grp = 0; + int r; + u8 *s; + + if (unformat (input, "%d", &r)) + { + grp = getgrgid (r); + } + else if (unformat (input, "%s", &s)) + { + grp = getgrnam ((char *) s); + vec_free (s); + } + if (grp) + { + *gid = grp->gr_gid; + return 1; + } + return 0; +} + #endif /* __KERNEL__ */ |