diff options
author | Ulrich Drepper <drepper@redhat.com> | 2006-04-26 16:29:29 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2006-04-26 16:29:29 +0000 |
commit | 1f063dcadb802c57759e2ca2bf9c08e108bb3d70 (patch) | |
tree | 9405434ef42f90e6a2591ac60e36aacb8454edb5 /nscd/selinux.h | |
parent | cf86bbe6da1d90170e0ee09b5baae15332c917f2 (diff) | |
download | glibc-1f063dcadb802c57759e2ca2bf9c08e108bb3d70.zip glibc-1f063dcadb802c57759e2ca2bf9c08e108bb3d70.tar.gz glibc-1f063dcadb802c57759e2ca2bf9c08e108bb3d70.tar.bz2 |
2006-04-26 James Antill <james.antill@redhat.com>
Ulrich Drepper <drepper@redhat.com>
* config.make.in: Add have-libcap.
* configure.in: Check for libcap.
* nscd/Makefile (selinux-LIBS): Add -lcap if possible.
* nscd/connections.c (finish_drop_privileges): When libcap is available
call preserve_capabilities and install_real_capabilities.
* nscd/selinux.c: Define preserve_capabilities and
install_real_capabilities.
* nscd/selinux.h: Declare preserve_capabilities and
install_real_capabilities.
Diffstat (limited to 'nscd/selinux.h')
-rw-r--r-- | nscd/selinux.h | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/nscd/selinux.h b/nscd/selinux.h index b9eb053..9ce0628 100644 --- a/nscd/selinux.h +++ b/nscd/selinux.h @@ -1,5 +1,5 @@ /* Header for nscd SELinux access controls. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2006 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Matthew Rickard <mjricka@epoch.ncsc.mil>, 2004. @@ -22,6 +22,9 @@ #define _SELINUX_H 1 #include "nscd.h" +#ifdef HAVE_LIBCAP +# include <sys/capabilities.h> +#endif #ifdef HAVE_SELINUX /* Global variable to tell if the kernel has SELinux support. */ @@ -42,6 +45,13 @@ extern int nscd_request_avc_has_perm (int fd, request_type req); extern void nscd_avc_cache_stats (struct avc_cache_stats *cstats); /* Display statistics on AVC usage. */ extern void nscd_avc_print_stats (struct avc_cache_stats *cstats); + +# ifdef HAVE_LIBCAP +/* Preserve capabilities to connect to connnect to the audit daemon. */ +extern cap_t preserve_capabilities (void); +/* Install final capabilities. */ +extern void install_real_capabilities (cap_t new_caps); +# endif #else # define selinux_enabled 0 # define nscd_avc_init() (void) 0 |