/* Query, remove, or restore a Solaris privilege.
- Copyright (C) 2009 Free Software Foundation, Inc.
+ Copyright (C) 2009-2011 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include <config.h>
#include "priv-set.h"
-#if HAVE_GETPPRIV
+#if HAVE_GETPPRIV && HAVE_PRIV_H
# include <errno.h>
# include <stdbool.h>
{
eff_set = priv_allocset ();
if (!eff_set)
- {
- return -1;
- }
+ {
+ return -1;
+ }
rem_set = priv_allocset ();
if (!rem_set)
- {
- priv_freeset (eff_set);
- return -1;
- }
+ {
+ priv_freeset (eff_set);
+ return -1;
+ }
if (getppriv (PRIV_EFFECTIVE, eff_set) != 0)
- {
- priv_freeset (eff_set);
- priv_freeset (rem_set);
- return -1;
- }
+ {
+ priv_freeset (eff_set);
+ priv_freeset (rem_set);
+ return -1;
+ }
priv_emptyset (rem_set);
initialized = true;
}
/* Try to remove priv from the effective set.
- Returns 0 if priv was removed from or was not present in the effective set.
+ Returns 0 if priv was removed.
Returns -1 on error with errno set appropriately. */
int
priv_set_remove (const char *priv)
if (priv_ismember (eff_set, priv))
{
/* priv_addset/priv_delset can only fail if priv is invalid, which is
- checked above by the priv_ismember call. */
+ checked above by the priv_ismember call. */
priv_delset (eff_set, priv);
if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
- {
- priv_addset (eff_set, priv);
- return -1;
- }
+ {
+ priv_addset (eff_set, priv);
+ return -1;
+ }
priv_addset (rem_set, priv);
}
else
/* Try to restore priv to the effective set.
- Returns 0 if priv was re-added to the effective set (after being prviously
- removed by a call to priv_set_remove) or if priv was already in the
- effective set.
+ Returns 0 if priv was re-added to the effective set (after being previously
+ removed by a call to priv_set_remove).
Returns -1 on error with errno set appropriately. */
int
priv_set_restore (const char *priv)
if (priv_ismember (rem_set, priv))
{
/* priv_addset/priv_delset can only fail if priv is invalid, which is
- checked above by the priv_ismember call. */
+ checked above by the priv_ismember call. */
priv_addset (eff_set, priv);
if (setppriv (PRIV_SET, PRIV_EFFECTIVE, eff_set) != 0)
- {
- priv_delset (eff_set, priv);
- return -1;
- }
+ {
+ priv_delset (eff_set, priv);
+ return -1;
+ }
priv_delset (rem_set, priv);
}
else