diff options
| author | David Lamparter <equinox@opensourcerouting.org> | 2018-08-10 18:36:43 +0200 |
|---|---|---|
| committer | Quentin Young <qlyoung@cumulusnetworks.com> | 2018-08-14 20:02:05 +0000 |
| commit | 01b9e3fd0d354d7d4c60b1c0240f269a4fd08990 (patch) | |
| tree | 7758a10d2c803e86348e04e908f73b63c0048b96 /zebra/ipforward_sysctl.c | |
| parent | 6017c3a2e71304381af5cfa5020b4a1358ee098b (diff) | |
*: use frr_elevate_privs() (1/2: coccinelle)
Signed-off-by: David Lamparter <equinox@diac24.net>
Diffstat (limited to 'zebra/ipforward_sysctl.c')
| -rw-r--r-- | zebra/ipforward_sysctl.c | 70 |
1 files changed, 25 insertions, 45 deletions
diff --git a/zebra/ipforward_sysctl.c b/zebra/ipforward_sysctl.c index f0eaa1acea..9fa6366411 100644 --- a/zebra/ipforward_sysctl.c +++ b/zebra/ipforward_sysctl.c @@ -54,16 +54,12 @@ int ipforward_on(void) int ipforwarding = 1; len = sizeof ipforwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - zlog_warn("Can't set ipforwarding on"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { + zlog_warn("Can't set ipforwarding on"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); return ipforwarding; } @@ -73,16 +69,12 @@ int ipforward_off(void) int ipforwarding = 0; len = sizeof ipforwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - zlog_warn("Can't set ipforwarding on"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { + zlog_warn("Can't set ipforwarding on"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); return ipforwarding; } @@ -101,16 +93,12 @@ int ipforward_ipv6(void) int ip6forwarding = 0; len = sizeof ip6forwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - zlog_warn("can't get ip6forwarding value"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) { + zlog_warn("can't get ip6forwarding value"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); return ip6forwarding; } @@ -120,16 +108,12 @@ int ipforward_ipv6_on(void) int ip6forwarding = 1; len = sizeof ip6forwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - zlog_warn("can't get ip6forwarding value"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { + zlog_warn("can't get ip6forwarding value"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); return ip6forwarding; } @@ -139,16 +123,12 @@ int ipforward_ipv6_off(void) int ip6forwarding = 0; len = sizeof ip6forwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - flog_err(LIB_ERR_PRIVILEGES, "Can't raise privileges"); - if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); - zlog_warn("can't get ip6forwarding value"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { + zlog_warn("can't get ip6forwarding value"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - flog_err(LIB_ERR_PRIVILEGES, "Can't lower privileges"); return ip6forwarding; } |