Diffstat (limited to 'lib/prototypes.h')
-rw-r--r--lib/prototypes.h70
1 files changed, 64 insertions, 6 deletions
diff --git a/lib/prototypes.h b/lib/prototypes.h
index 22603b98..1d1586d4 100644
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@@ -59,7 +59,8 @@
#include "defines.h"
#include "commonio.h"
-extern /*@observer@*/ const char *Prog;
+extern /*@observer@*/ const char *Prog; /* Program name showed in error messages */
+extern FILE *shadow_logfd; /* file descripter to which error messages are printed */
/* addgrps.c */
#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
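Review bot: The comment on the added `shadow_logfd` declaration calls it a file descriptor, but the declared type is `FILE *`, a stdio stream, so both the comment and the `fd` suffix invite callers to treat it like an integer descriptor. The hunk also does not show where the pointer is initialised; if library code writes to it unconditionally, any program that forgets to set it would dereference NULL on its error path, so the requirement belongs in the comment. I would write `extern FILE *shadow_logfd; /* stdio stream error messages are written to; each program must set it before calling library code */`, adjusted to the real initialisation rule. The two comments also contain the typos "showed" and "descripter". Whether `<stdio.h>` is already included above this point is not visible here.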
@@ -161,12 +162,10 @@ extern int find_new_uid (bool sys_user,
#ifdef ENABLE_SUBIDS
/* find_new_sub_gids.c */
-extern int find_new_sub_gids (const char *owner,
- gid_t *range_start, unsigned long *range_count);
+extern int find_new_sub_gids (gid_t *range_start, unsigned long *range_count);
/* find_new_sub_uids.c */
-extern int find_new_sub_uids (const char *owner,
- uid_t *range_start, unsigned long *range_count);
+extern int find_new_sub_uids (uid_t *range_start, unsigned long *range_count);
#endif /* ENABLE_SUBIDS */
@@ -208,7 +207,9 @@ extern void __gr_set_changed (void);
/* groupmem.c */
extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent);
+extern void gr_free_members (struct group *grent);
extern void gr_free (/*@out@*/ /*@only@*/struct group *grent);
+extern bool gr_append_member (struct group *grp, char *member);
/* hushed.c */
extern bool hushed (const char *username);
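Review bot: The new `gr_append_member (struct group *grp, char *member)` prototype does not say whether the function copies `member` or stores the caller's pointer, and unlike the neighbouring `__gr_dup` and `gr_free` declarations it carries no ownership annotation. `gr_free_members` is declared just above it and presumably frees the member strings, so if the pointer is stored, a caller that later frees or reuses its string could cause a double free or a dangling entry. I would add a comment such as `/* appends a copy of member to grp->gr_mem; returns false on allocation failure */`, adjusted to what groupmem.c really does, and take `const char *member` if the string is copied.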
@@ -262,6 +263,62 @@ extern void motd (void);
/* myname.c */
extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void);
+/* nss.c */
+#include <libsubid/subid.h>
+extern void nss_init(char *nsswitch_path);
+extern bool nss_is_initialized();
+
+struct subid_nss_ops {
+ /*
+ * nss_has_range: does a user own a given subid range
+ *
+ * @owner: username
+ * @start: first subid in queried range
+ * @count: number of subids in queried range
+ * @idtype: subuid or subgid
+ * @result: true if @owner has been allocated the subid range.
+ *
+ * returns success if the module was able to determine an answer (true or false),
+ * else an error status.
+ */
+ enum subid_status (*has_range)(const char *owner, unsigned long start, unsigned long count, enum subid_type idtype, bool *result);
+
+ /*
+ * nss_list_owner_ranges: list the subid ranges delegated to a user.
+ *
+ * @owner - string representing username being queried
+ * @id_type - subuid or subgid
+ * @ranges - pointer to an array of struct subid_range, or NULL. The
+ * returned array must be freed by the caller.
+ * @count - pointer to an integer into which the number of returned ranges
+ * is written.
+
+ * returns success if the module was able to determine an answer,
+ * else an error status.
+ */
+ enum subid_status (*list_owner_ranges)(const char *owner, enum subid_type id_type, struct subid_range **ranges, int *count);
+
+ /*
+ * nss_find_subid_owners: find uids who own a given subuid or subgid.
+ *
+ * @id - the delegated id (subuid or subgid) being queried
+ * @id_type - subuid or subgid
+ * @uids - pointer to an array of uids which will be allocated by
+ * nss_find_subid_owners()
+ * @count - number of uids found
+ *
+ * returns success if the module was able to determine an answer,
+ * else an error status.
+ */
+ enum subid_status (*find_subid_owners)(unsigned long id, enum subid_type id_type, uid_t **uids, int *count);
+
+ /* The dlsym handle to close */
+ void *handle;
+};
+
+extern struct subid_nss_ops *get_subid_nss_handle();
+
+
/* pam_pass_non_interactive.c */
#ifdef USE_PAM
extern int do_pam_passwd_non_interactive (const char *pam_service,
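Review bot: The comments on `list_owner_ranges` and `find_subid_owners` leave the output contract of this module interface underspecified: `find_subid_owners` says `uids` "will be allocated" but not who frees it, and neither comment says what `*ranges`/`*uids` and `*count` hold when an error status is returned. These callbacks come from a loaded module (the `handle` member is described as a dlsym handle) and `count` is a signed `int`, so callers should be told to use the outputs only on success and to reject a negative count. A line such as `* On error *uids and *count are unspecified; on success the caller frees *uids and must check *count >= 0.` in each comment would do, assuming it matches nss.c. Separately, `nss_is_initialized()` and `get_subid_nss_handle()` are declared with empty parentheses, which is not a prototype in C; the rest of the header uses `(void)`, so `extern bool nss_is_initialized(void);` and `extern struct subid_nss_ops *get_subid_nss_handle(void);` would restore argument checking. The comments also say `nss_has_range` and `@idtype` where the declared names are `has_range` and `idtype`/`id_type`.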
@@ -334,7 +391,7 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
/* selinux.c */
#ifdef WITH_SELINUX
-extern int set_selinux_file_context (const char *dst_name);
+extern int set_selinux_file_context (const char *dst_name, mode_t mode);
extern int reset_selinux_file_context (void);
extern int check_selinux_permit (const char *perm_name);
#endif
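Review bot: The widened `set_selinux_file_context (const char *dst_name, mode_t mode)` prototype does not say what `mode` means, whether it is the file-type bits of the object about to be created or its full permission mode. If the value feeds the label lookup (the implementation is not in this hunk), passing the wrong kind of value could give the new file an unintended security context. A short comment such as `/* mode: file type (S_IFREG, S_IFDIR, ...) of the object to be created at dst_name */` would help callers, adjusted to what selinux.c actually expects.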
@@ -448,6 +505,7 @@ extern bool valid (const char *, const struct passwd *);
extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
/*@ensures MaxSet(result) == (size - 1); @*/;
extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *);
+extern void xfree(void *ap);
/* xgetpwnam.c */
extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *);