diff options
author | Simo Sorce <simo@redhat.com> | 2013-08-28 21:19:32 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-09-09 15:11:45 -0400 |
commit | 0371fbcf60d4dd8e25b9bb0a83029c812b66f3d6 (patch) | |
tree | 86ee3a2f3d7fb734dc434cece43a485297e2a0b4 /src/providers/krb5/krb5_utils.h | |
parent | 36ccdecd053a9ad88dce86b8c84770dc2aa11d21 (diff) | |
download | sssd-0371fbcf60d4dd8e25b9bb0a83029c812b66f3d6.tar.gz sssd-0371fbcf60d4dd8e25b9bb0a83029c812b66f3d6.tar.xz sssd-0371fbcf60d4dd8e25b9bb0a83029c812b66f3d6.zip |
krb5: Add calls to change and restore credentials
In some cases we want to temporarily assume user credentials but allow the
process to regain back the original credentials (normally regaining uid 0).
Related:
https://fedorahosted.org/sssd/ticket/2061
Diffstat (limited to 'src/providers/krb5/krb5_utils.h')
-rw-r--r-- | src/providers/krb5/krb5_utils.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h index cdc9f2364..aac3ec72e 100644 --- a/src/providers/krb5/krb5_utils.h +++ b/src/providers/krb5/krb5_utils.h @@ -80,6 +80,12 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr, bool case_sensitive, bool *private_path); errno_t become_user(uid_t uid, gid_t gid); +struct sss_creds; +errno_t switch_creds(TALLOC_CTX *mem_ctx, + uid_t uid, gid_t gid, + int num_gids, gid_t *gids, + struct sss_creds **saved_creds); +errno_t restore_creds(struct sss_creds *saved_creds); errno_t get_ccache_file_data(const char *ccache_file, const char *client_name, struct tgt_times *tgtt); |