[thirdparty/systemd.git] / src / basic / capability-util.h

#pragma once

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>
#include <stdint.h>
#include <sys/capability.h>
#include <sys/types.h>

#include "macro.h"
#include "util.h"

#define CAP_ALL (uint64_t) -1

unsigned long cap_last_cap(void);
int have_effective_cap(int value);
int capability_bounding_set_drop(uint64_t keep, bool right_now);
int capability_bounding_set_drop_usermode(uint64_t keep);

int capability_ambient_set_apply(uint64_t set, bool also_inherit);
int capability_update_inherited_set(cap_t caps, uint64_t ambient_set);

int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities);

int drop_capability(cap_value_t cv);

DEFINE_TRIVIAL_CLEANUP_FUNC(cap_t, cap_free);
#define _cleanup_cap_free_ _cleanup_(cap_freep)

static inline void cap_free_charpp(char **p) {
        if (*p)
                cap_free(*p);
}
#define _cleanup_cap_free_charp_ _cleanup_(cap_free_charpp)

static inline bool cap_test_all(uint64_t caps) {
        uint64_t m;
        m = (UINT64_C(1) << (cap_last_cap() + 1)) - 1;
        return (caps & m) == m;
}
Commit	Line	Data
05d3a176	1	#pragma once
7f110ff9 LP	2
	3	/***
	4	This file is part of systemd.
	5
d7832d2c	6	Copyright 2010 Lennart Poettering
7f110ff9 LP	7
7f110ff9 LP	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
7f110ff9 LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
7f110ff9	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
7f110ff9 LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
ec8927ca	22	#include <stdbool.h>
11c3a366	23	#include <stdint.h>
5ce70e5b	24	#include <sys/capability.h>
11c3a366	25	#include <sys/types.h>
5ce70e5b	26
11c3a366	27	#include "macro.h"
5ce70e5b	28	#include "util.h"
ec8927ca	29
a103496c IP	30	#define CAP_ALL (uint64_t) -1
a103496c IP	31
d7832d2c KS	32	unsigned long cap_last_cap(void);
d7832d2c KS	33	int have_effective_cap(int value);
a103496c IP	34	int capability_bounding_set_drop(uint64_t keep, bool right_now);
a103496c IP	35	int capability_bounding_set_drop_usermode(uint64_t keep);
5ce70e5b	36
755d4b67 IP	37	int capability_ambient_set_apply(uint64_t set, bool also_inherit);
	38	int capability_update_inherited_set(cap_t caps, uint64_t ambient_set);
	39
45afd519	40	int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities);
966bff26	41
dd5ae4c3 PK	42	int drop_capability(cap_value_t cv);
dd5ae4c3 PK	43
5ce70e5b ZJS	44	DEFINE_TRIVIAL_CLEANUP_FUNC(cap_t, cap_free);
	45	#define _cleanup_cap_free_ _cleanup_(cap_freep)
	46
	47	static inline void cap_free_charpp(char **p) {
	48	if (*p)
	49	cap_free(*p);
	50	}
	51	#define _cleanup_cap_free_charp_ _cleanup_(cap_free_charpp)
a103496c IP	52
	53	static inline bool cap_test_all(uint64_t caps) {
	54	uint64_t m;
	55	m = (UINT64_C(1) << (cap_last_cap() + 1)) - 1;
	56	return (caps & m) == m;
	57	}