X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/45736f7396593c2f4ef9ebf35c561e7a32111f63..46d06c3918b0080af7e87db986612e23bde4a341:/secnet.h

diff --git a/secnet.h b/secnet.h
index 3b54def..54f5d07 100644
--- a/secnet.h
+++ b/secnet.h
@@ -59,6 +59,10 @@ extern struct log_if *system_log;
 /* from process.c */
 extern void start_signal_handling(void);
 
+void afterfork(void);
+/* Must be called before exec in every child made after
+   start_signal_handling.  Safe to call in earlier children too. */
+
 /***** CONFIGURATION support *****/
 
 extern bool_t just_check_config; /* If True then we're going to exit after
@@ -170,6 +174,7 @@ extern void *safe_realloc_ary(void *p, size_t size, size_t count,
 			      const char *message);
 
 void setcloexec(int fd); /* cannot fail */
+void setnonblock(int fd); /* cannot fail */
 void pipe_cloexec(int fd[2]); /* pipe(), setcloexec() twice; cannot fail */
 
 extern int sys_cmd(const char *file, const char *argc, ...);
@@ -263,12 +268,19 @@ bool_t remove_hook(uint32_t phase, hook_fn *f, void *state);
 extern uint32_t current_phase;
 extern void enter_phase(uint32_t new_phase);
 
+void phase_hooks_init(void); /* for main() only */
+
 /* Some features (like netlink 'soft' routes) require that secnet
    retain root privileges.  They should indicate that here when
    appropriate. */
 extern bool_t require_root_privileges;
 extern cstring_t require_root_privileges_explanation;
 
+/* Some modules may want to know whether secnet is going to drop
+   privilege, so that they know whether to do privsep.  Call only
+   in phases SETUP and later. */
+bool_t will_droppriv(void);
+
 /***** END of program lifetime support *****/
 
 /***** MODULE support *****/