G::Root Class Reference

A class which acquires the process's special privileges on construction and releases them on destruction. More...

#include <groot.h>

Inheritance diagram for G::Root:

Public Member Functions
	Root (bool change_group=true)
	Constructor. More...
	~Root ()
	Desctructor. More...

Static Public Member Functions
static void	init (const std::string &nobody)
	Initialises this class on process start-up by releasing root or suid privileges. More...
static Identity	nobody ()
	Returns the 'nobody' identity. More...
static Identity	start (SignalSafe)
	A signal-safe alternative to construction. More...
static void	stop (SignalSafe, Identity)
	A signal-safe alternative to destruction. More...

Detailed Description

A class which acquires the process's special privileges on construction and releases them on destruction.

Despite the name of the class the special privileges are not necessarily root privileges.

If instances are nested then the inner instances have no effect.

The implementation uses G::Process and G::Identity.

The class must be initialised by calling a static init() method.

Definition at line 49 of file groot.h.

Constructor & Destructor Documentation

G::Root::Root ( bool  change_group = true )

explicit

Constructor.

Acquires special privileges if possible.

Definition at line 32 of file groot.cpp.

References G::Process::beSpecial().

G::Root::~Root

(

)

Desctructor.

Releases special privileges if this instance acquired them.

Definition at line 42 of file groot.cpp.

References G::Process::beOrdinary(), and G_ERROR.

Member Function Documentation

void G::Root::init ( const std::string &  nobody )

static

Initialises this class on process start-up by releasing root or suid privileges.

The parameter gives a non-privileged username which is used if the real user-id is root.

Definition at line 74 of file groot.cpp.

References G::Process::beOrdinary(), and G::Process::revokeExtraGroups().

G::Identity G::Root::nobody ( )

static

Returns the 'nobody' identity.

Precondition: init() called

Definition at line 82 of file groot.cpp.

G::Identity G::Root::start ( SignalSafe  safe )

static

A signal-safe alternative to construction.

Definition at line 62 of file groot.cpp.

References G::Process::beSpecial(), and G::Identity::invalid().

Referenced by G::PidFile::cleanup().

void G::Root::stop ( SignalSafe  safe, Identity  identity  )

static

A signal-safe alternative to destruction.

Definition at line 68 of file groot.cpp.

References G::Process::beOrdinary(), and G::Identity::invalid().

Referenced by G::PidFile::cleanup().

---

The documentation for this class was generated from the following files:

• groot.h
• groot.cpp