0a7888b1fa
Closes #154 Currently this has three functions: one which returns the list of subuid ranges for a user, one returning the subgids, and one which frees the ranges lists. I might be mistaken about what -disable-man means; some of the code suggests it means just don't re-generate them, but not totally ignore them. But that doesn't seem to really work, so let's just ignore man/ when -disable-man. Remove --disable-shared. I'm not sure why it was there, but it stems from long, long ago, and I suspect it comes from some ancient toolchain bug. Create a tests/run_some, a shorter version of run_all. I'll slowly add tests to this as I verify they work, then I can work on fixing the once which don't. Also, don't touch man/ if not -enable-man. Changelog: Apr 22: change the subid list api as recomended by Dan Walsh. Apr 23: implement get_subid_owner Apr 24: implement range add/release Apr 25: finish tests and rebase May 10: make @owner const Signed-off-by: Serge Hallyn <serge@hallyn.com>
18 lines
683 B
C
18 lines
683 B
C
#include "subid.h"
|
|
#include <stdbool.h>
|
|
|
|
struct subordinate_range **get_subuid_ranges(const char *owner);
|
|
struct subordinate_range **get_subgid_ranges(const char *owner);
|
|
void subid_free_ranges(struct subordinate_range **ranges);
|
|
|
|
int get_subuid_owners(uid_t uid, uid_t **owner);
|
|
int get_subgid_owners(uid_t uid, uid_t **owner);
|
|
|
|
/* range should be pre-allocated with owner and count filled in, start is
|
|
* ignored, can be 0 */
|
|
bool grant_subuid_range(struct subordinate_range *range, bool reuse);
|
|
bool grant_subgid_range(struct subordinate_range *range, bool reuse);
|
|
|
|
bool free_subuid_range(struct subordinate_range *range);
|
|
bool free_subgid_range(struct subordinate_range *range);
|