summaryrefslogtreecommitdiff
path: root/zebra/zserv.c
diff options
context:
space:
mode:
Diffstat (limited to 'zebra/zserv.c')
-rw-r--r--zebra/zserv.c18
1 files changed, 8 insertions, 10 deletions
diff --git a/zebra/zserv.c b/zebra/zserv.c
index f76c2fabd6..174e010743 100644
--- a/zebra/zserv.c
+++ b/zebra/zserv.c
@@ -54,6 +54,7 @@
#include "lib/zclient.h" /* for zmsghdr, ZEBRA_HEADER_SIZE, ZEBRA... */
#include "lib/frr_pthread.h" /* for frr_pthread_new, frr_pthread_stop... */
#include "lib/frratomic.h" /* for atomic_load_explicit, atomic_stor... */
+#include "lib/lib_errors.h" /* for generic ferr ids */
#include "zebra/debug.h" /* for various debugging macros */
#include "zebra/rib.h" /* for rib_score_proto */
@@ -786,15 +787,14 @@ void zserv_start(char *path)
unlink(suna->sun_path);
}
- zserv_privs.change(ZPRIVS_RAISE);
- setsockopt_so_recvbuf(zebrad.sock, 1048576);
- setsockopt_so_sendbuf(zebrad.sock, 1048576);
- zserv_privs.change(ZPRIVS_LOWER);
-
- if (sa.ss_family != AF_UNIX && zserv_privs.change(ZPRIVS_RAISE))
- zlog_err("Can't raise privileges");
+ frr_elevate_privs(&zserv_privs) {
+ setsockopt_so_recvbuf(zebrad.sock, 1048576);
+ setsockopt_so_sendbuf(zebrad.sock, 1048576);
+ }
- ret = bind(zebrad.sock, (struct sockaddr *)&sa, sa_len);
+ frr_elevate_privs((sa.ss_family != AF_UNIX) ? &zserv_privs : NULL) {
+ ret = bind(zebrad.sock, (struct sockaddr *)&sa, sa_len);
+ }
if (ret < 0) {
zlog_warn("Can't bind zserv socket on %s: %s", path,
safe_strerror(errno));
@@ -804,8 +804,6 @@ void zserv_start(char *path)
zebrad.sock = -1;
return;
}
- if (sa.ss_family != AF_UNIX && zserv_privs.change(ZPRIVS_LOWER))
- zlog_err("Can't lower privileges");
ret = listen(zebrad.sock, 5);
if (ret < 0) {