diff --git a/include/privilege.h b/include/privilege.h index b033839a..4eb7564b 100644 --- a/include/privilege.h +++ b/include/privilege.h @@ -40,6 +40,7 @@ struct PrivilegeSet { int privilegeset_in_set(struct PrivilegeSet *set, const char *priv); struct PrivilegeSet *privilegeset_set_new(const char *name, const char *privs, PrivilegeFlags flags); +struct PrivilegeSet *privilegeset_extend(struct PrivilegeSet *parent, const char *name, const char *privs, PrivilegeFlags flags); struct PrivilegeSet *privilegeset_get(const char *name); void privilegeset_ref(struct PrivilegeSet *set); void privilegeset_unref(struct PrivilegeSet *set); diff --git a/src/privilege.c b/src/privilege.c index 91cc39d2..c2ce6e2b 100644 --- a/src/privilege.c +++ b/src/privilege.c @@ -40,6 +40,8 @@ privilegeset_set_new(const char *name, const char *privs, PrivilegeFlags flags) { struct PrivilegeSet *set; + s_assert(privilegeset_get(name) == NULL); + set = rb_malloc(sizeof(struct PrivilegeSet)); set->refs = 1; set->name = rb_strdup(name); @@ -51,6 +53,28 @@ privilegeset_set_new(const char *name, const char *privs, PrivilegeFlags flags) return set; } +struct PrivilegeSet * +privilegeset_extend(struct PrivilegeSet *parent, const char *name, const char *privs, PrivilegeFlags flags) +{ + struct PrivilegeSet *set; + + s_assert(parent != NULL); + s_assert(name != NULL); + s_assert(privs != NULL); + s_assert(privilegeset_get(name) == NULL); + + set = rb_malloc(sizeof(struct PrivilegeSet)); + set->refs = 1; + set->name = rb_strdup(name); + set->flags = flags; + set->privs = rb_malloc(strlen(parent->privs) + 1 + strlen(privs) + 1); + strcpy(parent->privs, set->privs); + strcat(set->privs, " "); + strcat(set->privs, privs); + + return set; +} + struct PrivilegeSet * privilegeset_get(const char *name) {