G::Root Class Reference

A class which acquires the process's special privileges on construction and releases them on destruction. More...

#include <groot.h>

Inheritance diagram for G::Root:

G::noncopyable GPop::DirectoryReader GPop::FileDeleter GSmtp::DirectoryReader GSmtp::FileReader GSmtp::FileWriter

List of all members.

Public Member Functions

 Root (bool change_group=true)
 Constructor.
 ~Root ()
 Desctructor.

Static Public Member Functions

static void init (const std::string &nobody)
 Initialises this class on process start-up by releasing root or suid privileges.
static Identity nobody ()
 Returns the 'nobody' identity.
static Identity start (SignalSafe)
 A signal-safe alternative to construction.
static void stop (SignalSafe, Identity)
 A signal-safe alternative to destruction.


Detailed Description

A class which acquires the process's special privileges on construction and releases them on destruction.

If instances are nested then the inner instances have no effect.

The implementation uses G::Process and G::Identity.

The class must be initialised by calling a static init() method.

Definition at line 47 of file groot.h.


Constructor & Destructor Documentation

G::Root::Root ( bool  change_group = true  )  [explicit]

Constructor.

Acquires special privileges if possible.

Definition at line 32 of file groot.cpp.

References G::Process::beSpecial().

G::Root::~Root (  ) 

Desctructor.

Releases special privileges if this instance acquired them.

Definition at line 42 of file groot.cpp.

References G::Process::beOrdinary(), and G_ERROR.


Member Function Documentation

void G::Root::init ( const std::string &  nobody  )  [static]

Initialises this class on process start-up by releasing root or suid privileges.

The parameter gives a non-privileged username which is used if the real user-id is root.

Definition at line 74 of file groot.cpp.

References G::Process::beOrdinary(), and G::Process::revokeExtraGroups().

G::Identity G::Root::nobody (  )  [static]

Returns the 'nobody' identity.

Precondition: init() called

Definition at line 82 of file groot.cpp.

G::Identity G::Root::start ( SignalSafe  safe  )  [static]

A signal-safe alternative to construction.

Definition at line 62 of file groot.cpp.

References G::Process::beSpecial(), and G::Identity::invalid().

Referenced by G::PidFile::cleanup().

void G::Root::stop ( SignalSafe  safe,
Identity  identity 
) [static]

A signal-safe alternative to destruction.

Definition at line 68 of file groot.cpp.

References G::Process::beOrdinary(), and G::Identity::invalid().

Referenced by G::PidFile::cleanup().


The documentation for this class was generated from the following files:

Generated on Fri Apr 18 15:56:13 2008 for E-MailRelay by  doxygen 1.5.5