Commit 3cc58b3f authored by Jelte Jansen's avatar Jelte Jansen
Browse files

sync trunk for merge


git-svn-id: svn://bind10.isc.org/svn/bind10/branches/trac296@2759 e5f2f494-b856-4b98-b285-d166d9295462
parents 5d493fb0 394c4bf5
87. [func] zhanglikun
lib/python/isc/notifyout: Add the feature of notify-out, when
zone axfr/ixfr finishing, the server will notify its slaves.
(Trac #289, svn r2737)
86. [func] jerry
bin/zonemgr: Added zone manager module. The zone manager is one
of the co-operating processes of BIND10, which keeps track of
timers and other information necessary for BIND10 to act as a
slave. (Trac #215, svn r2737)
85. [build]* jinmei
Build programs using dynamic link by default. A new configure
option --enable-static-link is provided to force static link for
executable programs. Statically linked programs can be run on a
debugger more easily and would be convenient for developers.
(Trac #309, svn r2723)
bind10-devel-20100812 released on August 12, 2010
84. [bug] jinmei, jerry
This is a quick fix patch for the issue: AXFR fails half the
time because of connection problems. xfrout client will make
a new connection every time. (Trac #299, svn r2697)
83. [build]* jreed
The configure --with-boost-lib option is removed. It was not
used since the build included ASIO. (svn r2684)
82. [func] jinmei
bin/auth: Added -u option to change the effective process user
of the authoritative server after invocation. The same option to
the boss process will be propagated to b10-auth, too.
(Trac #268, svn r2675)
81. [func] jinmei
Added a C++ framework for micro benchmark tests. A supplemental
library functions to build query data for the tests were also
provided. (Trac #241, svn r2664)
80. [bug] jelte
bindctl no longer accepts configuration changes for unknown or
non-running modules (for the latter, this is until we have a
way to verify those options, at which point it'll be allowed
again).
(Trac #99, r2657)
79. [func] feng, jinmei
Refactored the ASIO link interfaces to move incoming XFR and
NOTIFY processing to the auth server class. Wrapper classes for
......@@ -196,7 +243,11 @@ bind10-devel-20100602 released on June 2, 2010
a remote server. (Trac #218, svn r2038)
49. [func]* jelte
Use unix domain sockets for msgq. (Trac #183, svn r2009)
Use unix domain sockets for msgq. For b10-msgq, the command
line options --msgq-port and -m were removed. For bind10,
the -msgq-port option was removed, and the -m command line
option was changed to be a filename (instead of port number).
(Trac #183, svn r2009)
48. [func] jelte
bin/auth: Use asio's io_service for the msgq handling.
......
......@@ -28,6 +28,7 @@ report-coverage:
c++/4.4\*/ext/\* \
c++/4.4\*/\*-\*/bits/\* \
boost/\* \
ext/asio/\* \
gtest/\* \
usr/include/\* \
tests/\* \
......@@ -41,8 +42,8 @@ report-coverage:
coverage: clean-coverage perform-coverage report-coverage
#### include external sources in the distributed tarball:
# EXTRA_DIST = ext/asio/README
EXTRA_DIST = ext/asio/asio/local/stream_protocol.hpp
EXTRA_DIST = ext/asio/README
EXTRA_DIST += ext/asio/asio/local/stream_protocol.hpp
EXTRA_DIST += ext/asio/asio/local/basic_endpoint.hpp
EXTRA_DIST += ext/asio/asio/local/datagram_protocol.hpp
EXTRA_DIST += ext/asio/asio/local/connect_pair.hpp
......
......@@ -32,6 +32,14 @@ AC_TRY_LINK([],[],
])
LDFLAGS=$LDFLAGS_SAVED
# allow building programs with static link. we need to make it selective
# because loadable modules cannot be statically linked.
AC_ARG_ENABLE([static-link],
AC_HELP_STRING([--enable-static-link],
[build programs with static link [[default=no]]]),
[enable_static_link=yes], [enable_static_link=no])
AM_CONDITIONAL(USE_STATIC_LINK, test $enable_static_link = yes)
# OS dependent compiler flags
case "$host" in
*-solaris*)
......@@ -256,14 +264,6 @@ if test "${boost_include_path}" ; then
fi
AC_SUBST(BOOST_INCLUDES)
AC_ARG_WITH([boost-lib],
AC_HELP_STRING([--with-boost-lib=PATH],
[specify exact directory for Boost libraries]),
[if test "$withval" != "yes" -a "$withval" != "no"; then
BOOST_LDFLAGS="-L$withval"
fi])
AC_SUBST(BOOST_LDFLAGS)
#
# Check availability of gtest, which will be used for unit tests.
#
......@@ -411,9 +411,15 @@ AC_CONFIG_FILES([Makefile
src/bin/xfrin/tests/Makefile
src/bin/xfrout/Makefile
src/bin/xfrout/tests/Makefile
src/bin/zonemgr/Makefile
src/bin/zonemgr/tests/Makefile
src/bin/usermgr/Makefile
src/lib/Makefile
src/lib/bench/Makefile
src/lib/bench/example/Makefile
src/lib/bench/tests/Makefile
src/lib/cc/Makefile
src/lib/cc/tests/Makefile
src/lib/python/Makefile
src/lib/python/isc/Makefile
src/lib/python/isc/datasrc/Makefile
......@@ -423,6 +429,8 @@ AC_CONFIG_FILES([Makefile
src/lib/python/isc/config/tests/Makefile
src/lib/python/isc/log/Makefile
src/lib/python/isc/log/tests/Makefile
src/lib/python/isc/notify/Makefile
src/lib/python/isc/notify/tests/Makefile
src/lib/config/Makefile
src/lib/config/tests/Makefile
src/lib/dns/Makefile
......@@ -430,6 +438,7 @@ AC_CONFIG_FILES([Makefile
src/lib/dns/python/Makefile
src/lib/dns/python/tests/Makefile
src/lib/exceptions/Makefile
src/lib/exceptions/tests/Makefile
src/lib/datasrc/Makefile
src/lib/datasrc/tests/Makefile
src/lib/xfr/Makefile
......@@ -448,6 +457,10 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/bin/xfrout/xfrout.spec.pre
src/bin/xfrout/tests/xfrout_test
src/bin/xfrout/run_b10-xfrout.sh
src/bin/zonemgr/zonemgr.py
src/bin/zonemgr/zonemgr.spec.pre
src/bin/zonemgr/tests/zonemgr_test
src/bin/zonemgr/run_b10-zonemgr.sh
src/bin/bind10/bind10.py
src/bin/bind10/tests/bind10_test
src/bin/bind10/run_bind10.sh
......@@ -469,19 +482,22 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/lib/python/isc/config/tests/config_test
src/lib/python/isc/cc/tests/cc_test
src/lib/python/isc/log/tests/log_test
src/lib/python/isc/notify/tests/notify_out_test
src/lib/dns/gen-rdatacode.py
src/lib/python/bind10_config.py
src/lib/dns/tests/testdata/gen-wiredata.py
src/lib/cc/session_config.h.pre
src/lib/cc/session_unittests_config.h
src/lib/cc/tests/session_unittests_config.h
], [
chmod +x src/bin/cmdctl/run_b10-cmdctl.sh
chmod +x src/bin/xfrin/run_b10-xfrin.sh
chmod +x src/bin/xfrout/run_b10-xfrout.sh
chmod +x src/bin/zonemgr/run_b10-zonemgr.sh
chmod +x src/bin/bind10/run_bind10.sh
chmod +x src/bin/cmdctl/tests/cmdctl_test
chmod +x src/bin/xfrin/tests/xfrin_test
chmod +x src/bin/xfrout/tests/xfrout_test
chmod +x src/bin/zonemgr/tests/zonemgr_test
chmod +x src/bin/bindctl/tests/bindctl_test
chmod +x src/bin/bindctl/run_bindctl.sh
chmod +x src/bin/loadzone/run_loadzone.sh
......
......@@ -568,7 +568,7 @@ WARN_LOGFILE =
# directories like "/usr/src/myproject". Separate the files or directories
# with spaces.
INPUT = ../src/lib/cc ../src/lib/config ../src/lib/dns ../src/lib/exceptions ../src/lib/datasrc ../src/bin/auth
INPUT = ../src/lib/cc ../src/lib/config ../src/lib/dns ../src/lib/exceptions ../src/lib/datasrc ../src/bin/auth ../src/lib/bench
# This tag can be used to specify the character encoding of the source files
# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is
......
This diff is collapsed.
......@@ -75,9 +75,8 @@
data source backend is SQLite3. The authoritative server
requires SQLite 3.3.9 or newer.
The <command>b10-xfrin</command> and <command>b10-xfrout</command>
modules require the libboost library,
libpython3 library,
and the Python _sqlite3.so module.
modules require the libpython3 library and the Python
_sqlite3.so module.
</para></note>
<!-- TODO: this will change ... -->
......@@ -272,9 +271,8 @@ var/
</para>
<para>
The Boost Library, Python Library,
and Python _sqlite3 module are required to enable the
Xfrout and Xfrin support.
The Python Library and Python _sqlite3 module are required to
enable the Xfrout and Xfrin support.
</para>
<note><simpara>
......@@ -486,14 +484,6 @@ var/
</listitem>
</varlistentry>
<varlistentry>
<term>--with-boost-lib</term>
<listitem>
<simpara>Define the path to find the Boost library.
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>--with-pythonpath</term>
<listitem>
......@@ -520,10 +510,10 @@ var/
<para>
For example, the following configures it to
find the Boost headers and library, find the
find the Boost headers, find the
Python interpreter, and sets the installation location:
<screen>$ <userinput>./configure --with-boost-lib=/usr/pkg/lib \
<screen>$ <userinput>./configure \
--with-boost-include=/usr/pkg/include \
--with-pythonpath=/usr/pkg/bin/python3.1 \
--prefix=/opt/bind10</userinput></screen>
......@@ -557,14 +547,6 @@ var/
<para>The install step may require superuser privileges.</para>
</note>
<!-- Trac #148 -->
<note><simpara>
Depending on your system and the location of your Boost
Python and Python shared libraries, you may need to
configure your run-time linker to find them (such as
setting LD_LIBRARY_PATH).
</simpara></note>
</section>
<!-- TODO: tests -->
......
ASIO library header files
Version 1.4.5 (2010-05-12)
Downloaded from http://sourceforge.net/projects/asio/files
Project page: http://think-async.com/Asio
No local modifications.
SUBDIRS = bind10 bindctl cfgmgr loadzone msgq host cmdctl auth xfrin xfrout usermgr
SUBDIRS = bind10 bindctl cfgmgr loadzone msgq host cmdctl auth xfrin xfrout usermgr zonemgr
......@@ -8,6 +8,10 @@ AM_CPPFLAGS += -I$(top_srcdir)/src/bin -I$(top_builddir)/src/bin
AM_CXXFLAGS = $(B10_CXXFLAGS)
if USE_STATIC_LINK
AM_LDFLAGS = -static
endif
pkglibexecdir = $(libexecdir)/@PACKAGE@
CLEANFILES = *.gcno *.gcda auth.spec spec_config.h
......@@ -47,15 +51,16 @@ libasio_link_a_CPPFLAGS = $(AM_CPPFLAGS)
BUILT_SOURCES = spec_config.h
pkglibexec_PROGRAMS = b10-auth
b10_auth_SOURCES = auth_srv.cc auth_srv.h
b10_auth_SOURCES += change_user.cc change_user.h
b10_auth_SOURCES += common.h
b10_auth_SOURCES += main.cc
b10_auth_LDADD = $(top_builddir)/src/lib/datasrc/.libs/libdatasrc.a
b10_auth_LDADD += $(top_builddir)/src/lib/dns/.libs/libdns++.a
b10_auth_LDADD += $(top_builddir)/src/lib/config/.libs/libcfgclient.a
b10_auth_LDADD += $(top_builddir)/src/lib/cc/.libs/libcc.a
b10_auth_LDADD += $(top_builddir)/src/lib/exceptions/.libs/libexceptions.a
b10_auth_LDADD = $(top_builddir)/src/lib/datasrc/libdatasrc.la
b10_auth_LDADD += $(top_builddir)/src/lib/dns/libdns++.la
b10_auth_LDADD += $(top_builddir)/src/lib/config/libcfgclient.la
b10_auth_LDADD += $(top_builddir)/src/lib/cc/libcc.la
b10_auth_LDADD += $(top_builddir)/src/lib/exceptions/libexceptions.la
b10_auth_LDADD += $(top_builddir)/src/bin/auth/libasio_link.a
b10_auth_LDADD += $(top_builddir)/src/lib/xfr/.libs/libxfr.a
b10_auth_LDADD += $(top_builddir)/src/lib/xfr/libxfr.la
b10_auth_LDADD += $(SQLITE_LIBS)
# TODO: config.h.in is wrong because doesn't honor pkgdatadir
......
......@@ -368,6 +368,7 @@ public:
dns_message_(Message::PARSE),
custom_callback_(NULL)
{
socket_.set_option(socket_base::reuse_address(true));
// Set v6-only (we use a different instantiation for v4,
// otherwise asio will bind to both v4 and v6
if (addr.is_v6()) {
......@@ -562,7 +563,7 @@ IOService::stop() {
asio::io_service&
IOService::get_io_service() {
return impl_->io_service_;
return (impl_->io_service_);
}
void
......
......@@ -327,7 +327,6 @@ AuthSrvImpl::processNormalQuery(const IOMessage& io_message, Message& message,
return (true);
}
bool
AuthSrvImpl::processAxfrQuery(const IOMessage& io_message, Message& message,
MessageRenderer& response_renderer)
......@@ -342,10 +341,8 @@ AuthSrvImpl::processAxfrQuery(const IOMessage& io_message, Message& message,
}
try {
if (!xfrout_connected_) {
xfrout_client_.connect();
xfrout_connected_ = true;
}
xfrout_client_.connect();
xfrout_connected_ = true;
xfrout_client_.sendXfroutRequestInfo(
io_message.getSocket().getNative(),
io_message.getData(),
......@@ -368,6 +365,10 @@ AuthSrvImpl::processAxfrQuery(const IOMessage& io_message, Message& message,
verbose_mode_);
return (true);
}
xfrout_client_.disconnect();
xfrout_connected_ = false;
return (false);
}
......@@ -421,7 +422,7 @@ AuthSrvImpl::processNotify(const IOMessage& io_message, Message& message,
static const string command_template_start =
"{\"command\": [\"notify\", {\"zone_name\" : \"";
static const string command_template_master = "\", \"master\" : \"";
static const string command_template_rrclass = "\", \"rrclass\" : \"";
static const string command_template_rrclass = "\", \"zone_class\" : \"";
static const string command_template_end = "\"}]}";
try {
......@@ -431,7 +432,7 @@ AuthSrvImpl::processNotify(const IOMessage& io_message, Message& message,
command_template_rrclass + question->getClass().toText() +
command_template_end);
const unsigned int seq =
xfrin_session_->group_sendmsg(notify_command, "Xfrin",
xfrin_session_->group_sendmsg(notify_command, "Zonemgr",
"*", "*");
ElementPtr env, answer, parsed_answer;
xfrin_session_->group_recvmsg(env, answer, false, seq);
......@@ -439,14 +440,14 @@ AuthSrvImpl::processNotify(const IOMessage& io_message, Message& message,
parsed_answer = parseAnswer(rcode, answer);
if (rcode != 0) {
if (verbose_mode_) {
cerr << "[b10-auth] failed to notify Xfrin: "
cerr << "[b10-auth] failed to notify Zonemgr: "
<< parsed_answer->str() << endl;
}
return (false);
}
} catch (const Exception& ex) {
if (verbose_mode_) {
cerr << "[b10-auth] failed to notify Xfrin: " << ex.what() << endl;
cerr << "[b10-auth] failed to notify Zonemgr: " << ex.what() << endl;
}
return (false);
}
......@@ -520,11 +521,11 @@ AuthSrv::updateConfig(isc::data::ElementPtr new_config) {
ElementPtr answer = isc::config::createAnswer();
answer = impl_->setDbFile(new_config);
return answer;
return (answer);
} catch (const isc::Exception& error) {
if (impl_->verbose_mode_) {
cerr << "[b10-auth] error: " << error.what() << endl;
}
return isc::config::createAnswer(1, error.what());
return (isc::config::createAnswer(1, error.what()));
}
}
......@@ -2,12 +2,12 @@
.\" Title: b10-auth
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\" Date: March 16, 2010
.\" Date: July 29, 2010
.\" Manual: BIND10
.\" Source: BIND10
.\" Language: English
.\"
.TH "B10\-AUTH" "8" "March 16, 2010" "BIND10" "BIND10"
.TH "B10\-AUTH" "8" "July 29, 2010" "BIND10" "BIND10"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
......@@ -22,7 +22,7 @@
b10-auth \- Authoritative DNS server
.SH "SYNOPSIS"
.HP \w'\fBb10\-auth\fR\ 'u
\fBb10\-auth\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-p\ \fR\fB\fInumber\fR\fR] [\fB\-v\fR]
\fBb10\-auth\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-a\ \fR\fB\fIaddress\fR\fR] [\fB\-n\fR] [\fB\-p\ \fR\fB\fInumber\fR\fR] [\fB\-u\ \fR\fB\fIusername\fR\fR] [\fB\-v\fR]
.SH "DESCRIPTION"
.PP
The
......@@ -64,13 +64,30 @@ The arguments are as follows:
\fB\-4\fR
.RS 4
Enables IPv4 only mode\&. This switch may not be used with
\fB\-6\fR\&. By default, it listens on both IPv4 and IPv6 (if capable)\&.
\fB\-6\fR
nor
\fB\-a\fR\&. By default, it listens on both IPv4 and IPv6 (if capable)\&.
.RE
.PP
\fB\-6\fR
.RS 4
Enables IPv6 only mode\&. This switch may not be used with
\fB\-4\fR\&. By default, it listens on both IPv4 and IPv6 (if capable)\&.
\fB\-4\fR
nor
\fB\-a\fR\&. By default, it listens on both IPv4 and IPv6 (if capable)\&.
.RE
.PP
\fB\-a \fR\fB\fIaddress\fR\fR
.RS 4
The IPv4 or IPv6 address to listen on\&. This switch may not be used with
\fB\-4\fR
nor
\fB\-6\fR\&. The default is to listen on all addresses\&. (This is a short term workaround\&. This argument may change\&.)
.RE
.PP
\fB\-n\fR
.RS 4
Do not cache answers in memory\&. The default is to use the cache for faster responses\&. The cache keeps the most recent 30,000 answers (positive and negative) in memory for 30 seconds (instead of querying the data source, such as SQLite3 database, each time)\&.
.RE
.PP
\fB\-p \fR\fB\fInumber\fR\fR
......@@ -93,6 +110,15 @@ The Y1 prototype runs on all interfaces and on this nonstandard port\&.
.RE
.RE
.PP
\fB\-u \fR\fB\fIusername\fR\fR
.RS 4
The user name of the
\fBb10\-auth\fR
daemon\&. If specified, the daemon changes the process owner to the specified user\&. The
\fIusername\fR
must be either a valid numeric user ID or a valid user name\&. By default the daemon runs as the user who invokes it\&.
.RE
.PP
\fB\-v\fR
.RS 4
Enabled verbose mode\&. This enables diagnostic messages to STDERR\&.
......
......@@ -21,7 +21,7 @@
<refentry>
<refentryinfo>
<date>March 16, 2010</date>
<date>July 29, 2010</date>
</refentryinfo>
<refmeta>
......@@ -47,7 +47,10 @@
<command>b10-auth</command>
<arg><option>-4</option></arg>
<arg><option>-6</option></arg>
<arg><option>-a <replaceable>address</replaceable></option></arg>
<arg><option>-n</option></arg>
<arg><option>-p <replaceable>number</replaceable></option></arg>
<arg><option>-u <replaceable>username</replaceable></option></arg>
<arg><option>-v</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
......@@ -95,7 +98,8 @@
<term><option>-4</option></term>
<listitem><para>
Enables IPv4 only mode.
This switch may not be used with <option>-6</option>.
This switch may not be used with <option>-6</option> nor
<option>-a</option>.
By default, it listens on both IPv4 and IPv6 (if capable).
</para></listitem>
</varlistentry>
......@@ -104,11 +108,36 @@
<term><option>-6</option></term>
<listitem><para>
Enables IPv6 only mode.
This switch may not be used with <option>-4</option>.
This switch may not be used with <option>-4</option> nor
<option>-a</option>.
By default, it listens on both IPv4 and IPv6 (if capable).
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>-a <replaceable>address</replaceable></option></term>
<listitem>
<para>The IPv4 or IPv6 address to listen on.
This switch may not be used with <option>-4</option> nor
<option>-6</option>.
The default is to listen on all addresses.
(This is a short term workaround. This argument may change.)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-n</option></term>
<listitem><para>
Do not cache answers in memory.
The default is to use the cache for faster responses.
The cache keeps the most recent 30,000 answers (positive
and negative) in memory for 30 seconds (instead of querying
the data source, such as SQLite3 database, each time).
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>-p <replaceable>number</replaceable></option></term>
<listitem><para>
......@@ -119,6 +148,20 @@
</listitem>
</varlistentry>
<varlistentry>
<term><option>-u <replaceable>username</replaceable></option></term>
<listitem>
<para>
The user name of the <command>b10-auth</command> daemon.
If specified, the daemon changes the process owner to the
specified user.
The <replaceable>username</replaceable> must be either a
valid numeric user ID or a valid user name.
By default the daemon runs as the user who invokes it.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option></term>
<listitem><para>
......
// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
// $Id$
#include <errno.h>
#include <string.h>
#include <pwd.h>
#include <unistd.h>
#include <boost/lexical_cast.hpp>
#include <exceptions/exceptions.h>
#include <auth/common.h>
using namespace boost;
void
changeUser(const char* const username) {
const struct passwd *runas_pw = NULL;
runas_pw = getpwnam(username);
endpwent();
if (runas_pw == NULL) {
try {
runas_pw = getpwuid(lexical_cast<uid_t>(username));
endpwent();
} catch (const bad_lexical_cast&) {
; // fall through to isc_throw below.
}
}
if (runas_pw == NULL) {
isc_throw(FatalError, "Unknown user name or UID:" << username);
}
if (setgid(runas_pw->pw_gid) < 0) {
isc_throw(FatalError, "setgid() failed: " << strerror(errno));
}
if (setuid(runas_pw->pw_uid) < 0) {
isc_throw(FatalError, "setuid() failed: " << strerror(errno));
}
}
// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
// $Id$
#ifndef __CHANGE_USER_H
#define __CHANGE_USER_H 1
/// \brief Change the run time user.
///
/// This function changes the user and its group of the authoritative server
/// process.
///
/// On success the user ID of the process is changed to the specified user,
/// and the group is changed to that of the new user.
///
/// This is considered a short term workaround until we develop clearer
/// privilege separation, where the server won't even have to open privileged
/// ports and can be started by a non privileged user from the beginning.
/// This function therefore ignores some corner case problems (see below)
/// which we would address otherwise.
///