extern int get_pid (const char *pidstr, pid_t *pid);
/* getrange */
-extern int getrange (char *range,
+extern int getrange (const char *range,
unsigned long *min, bool *has_min,
unsigned long *max, bool *has_max);
static int check_gid (const gid_t gid,
const gid_t gid_min,
const gid_t gid_max,
- bool *used_gids)
+ const bool *used_gids)
{
/* First test that the preferred ID is in the range */
if (gid < gid_min || gid > gid_max) {
static int check_uid(const uid_t uid,
const uid_t uid_min,
const uid_t uid_max,
- bool *used_uids)
+ const bool *used_uids)
{
/* First test that the preferred ID is in the range */
if (uid < uid_min || uid > uid_max) {
* If the range is valid, getrange returns 1.
* If the range is not valid, getrange returns 0.
*/
-int getrange (char *range,
+int getrange (const char *range,
unsigned long *min, bool *has_min,
unsigned long *max, bool *has_max)
{
#define ULONG_DIGITS ((((sizeof(unsigned long) * CHAR_BIT) + 9)/10)*3)
#if HAVE_SYS_CAPABILITY_H
-static inline bool maps_lower_root(int cap, int ranges, struct map_range *mappings)
+static inline bool maps_lower_root(int cap, int ranges, const struct map_range *mappings)
{
int idx;
- struct map_range *mapping;
+ const struct map_range *mapping;
if (cap != CAP_SETUID)
return false;
* when the root user calls the new{g,u}idmap binary for an unprivileged user.
* If this is wanted: use file capabilities!
*/
-void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
+void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings,
const char *map_file, uid_t ruid)
{
int idx;
- struct map_range *mapping;
+ const struct map_range *mapping;
size_t bufsize;
char *buf, *pos;
int fd;
extern struct map_range *get_map_ranges(int ranges, int argc, char **argv);
extern void write_mapping(int proc_dir_fd, int ranges,
- struct map_range *mappings, const char *map_file, uid_t ruid);
+ const struct map_range *mappings, const char *map_file, uid_t ruid);
#endif /* _ID_MAPPING_H_ */
projects / thirdparty / shadow.git / commitdiff
