1 #ifndef VSF_SYSDEPUTIL_H
2 #define VSF_SYSDEPUTIL_H
3 
4 #ifndef VSF_FILESIZE_H
5 #include "filesize.h"
6 #endif
7 
8 /* VSF_SYSDEPUTIL_H:
9  * Support for highly system dependent features, and querying for support
10  * or lack thereof
11  * TODO: document functions!
12  */
13 
14 struct mystr;  /* forward declaration: this header only uses pointers to it */
15 
16 /* Authentication of local users.
 *
 * p_user is the only non-const argument, so the implementation is allowed to
 * modify it - presumably to rewrite or normalise the user name; confirm
 * against the implementation before reusing the string after the call.
 * p_pass and p_remote_host are read-only through this interface.
 * NOTE(review): nothing in this header says whether the password string is
 * wiped once the check is done; callers that care about credentials lingering
 * in memory should verify that and clear p_pass themselves if needed.
 */
17 /* Return 0 for fail, 1 for success. The result is a plain int, so a caller
 * that wants to fail closed should compare against 1 rather than accept any
 * non-zero value - TODO confirm no other values are ever returned. */
18 int vsf_sysdep_check_auth(struct mystr* p_user,
19                           const struct mystr* p_pass,
20                           const struct mystr* p_remote_host);
21 
22 /* Support for fine grained privilege (capabilities).
 *
 * The two query functions return int; presumably non-zero means the facility
 * is available - TODO confirm. The _as_non_root variant presumably reports
 * whether capabilities can be held by a process that is no longer root -
 * confirm against the implementation.
 * vsf_sysdep_keep_capabilities() returns void, so a caller cannot tell from
 * this interface whether the request took effect.
 */
23 int vsf_sysdep_has_capabilities(void);
24 int vsf_sysdep_has_capabilities_as_non_root(void);
25 void vsf_sysdep_keep_capabilities(void);
/* Capability selectors for vsf_sysdep_adopt_capabilities(). These are this
 * header's own bit flags (1, 2, next 4), not kernel capability numbers: Linux
 * defines CAP_CHOWN as 0 and CAP_NET_BIND_SERVICE as 10, so the values below
 * must not be handed to OS capability interfaces directly.
 */
26 enum ESysdepCapabilities
27 {
28   kCapabilityCAP_CHOWN = 1,
29   kCapabilityCAP_NET_BIND_SERVICE = 2
30   /* NOTE - next one will be 4, this is a bitfield */
31 };
/* caps is presumably a bitwise OR of ESysdepCapabilities values - TODO
 * confirm. NOTE(review): whether capabilities not named in caps are dropped
 * is not visible from this header; for least privilege, pass only the bits
 * the process actually needs and verify the resulting set in the
 * implementation.
 */
32 void vsf_sysdep_adopt_capabilities(unsigned int caps);
33 
34 /* Support for sendfile(), Linux-like interface. Collapses to a read/write
 * loop under the covers if the target system lacks support.
 *
 * out_fd is the destination descriptor and in_fd the source. p_offset is
 * passed by pointer; presumably it is advanced by the amount transferred, as
 * with Linux sendfile() - TODO confirm. num_send is the amount requested and
 * max_chunk presumably caps the size of each underlying transfer - confirm.
 * NOTE(review): the return type is int while num_send is a filesize_t, and the
 * meaning of the return value is not documented here; check how the
 * implementation reports errors and short transfers before relying on it.
 */
37 int vsf_sysutil_sendfile(const int out_fd, const int in_fd,
38                          filesize_t* p_offset, filesize_t num_send,
39                          unsigned int max_chunk);
40 
41 /* Support for changing the process name as reported by the operating system.
 * A useful status monitor. NOTE - we don't guarantee that this call will
 * have any effect.
 *
 * All setters return void, which matches the "no guarantee" note above: the
 * caller gets no indication of whether the title was changed.
 * The process title is typically readable by other local users through
 * process listing tools, so text passed here should never contain passwords
 * or other secrets.
 */
/* Takes the program's argc/argv; presumably must be called before any of the
 * setters below - TODO confirm. */
45 void vsf_sysutil_setproctitle_init(int argc, const char* argv[]);
/* Set the title from a C string or from a struct mystr respectively. */
46 void vsf_sysutil_setproctitle(const char* p_text);
47 void vsf_sysutil_setproctitle_str(const struct mystr* p_str);
/* Presumably stores text that is prepended to later titles - confirm. */
48 void vsf_sysutil_set_proctitle_prefix(const struct mystr* p_str);
49 
50 /* For now, maps read/write private pages. API to be extended..
 *
 * length is an unsigned int, so one call cannot request more than UINT_MAX
 * bytes. NOTE(review): how failure is reported is not documented here (NULL
 * return versus terminating the process); confirm before dereferencing the
 * result unchecked. The _init function presumably has to run first - TODO
 * confirm.
 */
51 void vsf_sysutil_map_anon_pages_init(void);
52 void* vsf_sysutil_map_anon_pages(unsigned int length);
53 
54 /* File descriptor passing/receiving.
 *
 * send_fd returns void, so a failed send cannot be reported to the caller
 * through this interface; presumably the implementation treats it as fatal -
 * TODO confirm. recv_fd returns an int, presumably the received descriptor -
 * confirm, including what is returned when the peer sends none.
 * A received descriptor refers to whatever the peer chose to pass, so when
 * the peer is less trusted than the receiver it should be checked (e.g. its
 * type) before being used.
 */
55 void vsf_sysutil_send_fd(int sock_fd, int send_fd);
56 int vsf_sysutil_recv_fd(int sock_fd);
57 
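58 /* If supported, arrange for current process to die when parent dies.
 *
 * Returns void, so the caller cannot tell whether the platform honoured the
 * request; do not rely on it as the only way an orphaned child gets cleaned
 * up. Declared with (void), like the other argument-less functions in this
 * header, so the compiler rejects calls that pass arguments - an empty ()
 * is not a prototype before C23.
 */
59 void vsf_set_die_if_parent_dies(void);
60 /* Or a softer version delivering SIGTERM. Same caveat: no status is
 * returned, so success cannot be observed by the caller. */
61 void vsf_set_term_if_parent_dies(void);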
62 
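63 /* If supported, the ability to fork into different secure namespaces (PID
 * and IPC). Falls back to normal fork().
 *
 * Because of the silent fallback, the int result (presumably the usual fork()
 * result - TODO confirm) does not say whether isolation was obtained. Callers
 * must not treat the child as sandboxed on the strength of this call alone.
 * All functions in this group are declared with (void) so that calls passing
 * arguments are rejected at compile time; an empty () is not a prototype
 * before C23.
 */
65 int vsf_sysutil_fork_isolate_failok(void);
66 /* Same as above, but in addition tries to fork into an empty network
 * namespace. Falls back to vsf_sysutil_fork_isolate_failok then normal fork().
 * As above, the caller is not told which level of isolation was achieved.
 */
69 int vsf_sysutil_fork_isolate_all_failok(void);
70 /* If supported, the ability to fork into an empty network namespace.
 * Falls back to normal fork(), so the child may still have network access. */
72 int vsf_sysutil_fork_newnet(void);
/* Presumably asks the OS for the process id instead of using a cached value,
 * which would matter after forking into a new PID namespace - TODO confirm. */
73 int vsf_sysutil_getpid_nocache(void);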
74 
75 #endif /* VSF_SYSDEPUTIL_H */
76 
77