Implementaion of environment setup routines that require root privileges. More...

#include "config.hpp"
#include "utils/environment.hpp"
#include "utils/execute.hpp"
#include "utils/exception.hpp"
#include "utils/make-clean.hpp"
#include "utils/fd-utils.hpp"
#include "base-exception.hpp"
#include "logger/logger.hpp"
#include <grp.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <cstring>
#include <sys/socket.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <map>
#include <iomanip>
#include <cassert>
#include <features.h>
#include <linux/capability.h>
#include <sys/prctl.h>
#include <sys/syscall.h>

Namespaces
	utils

Macros
#define	CAP_SET_INHERITABLE (1 << 0)

#define	CAP_SET_PERMITTED (1 << 1)

#define	CAP_SET_EFFECTIVE (1 << 2)

#define	CAP_DATA_ELEMENT_COUNT 2

Functions
bool	utils::setSuppGroups (const std::vector< std::string > &groups)
	Set supplementary groups to the current process. More...

bool	utils::dropRoot (uid_t uid, gid_t gid, const std::vector< unsigned int > &caps)
	Set effective and permitted capabilities on the current process and drop root privileges. More...

bool	utils::launchAsRoot (const std::function< bool()> &func)
	Launch func as root user. More...

bool	utils::joinToNs (int nsPid, int ns)
	Join to namespace. More...

int	utils::passNamespacedFd (int nsPid, int ns, const std::function< int()> &fdFactory)
	Pass file descriptor from namespace of some process. More...

Detailed Description

Implementaion of environment setup routines that require root privileges.

Author: Michal Witanowski (m.wit.nosp@m.anow.nosp@m.ski@s.nosp@m.amsu.nosp@m.ng.co.nosp@m.m)

Macro Definition Documentation

#define CAP_DATA_ELEMENT_COUNT 2

#define CAP_SET_EFFECTIVE (1 << 2)

#define CAP_SET_INHERITABLE (1 << 0)

#define CAP_SET_PERMITTED (1 << 1)

Namespaces

Macros

Functions

Detailed Description

Macro Definition Documentation