-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | doc/libstddjb/djbunix.html | 20 | ||||
-rw-r--r-- | doc/upgrade.html | 2 | ||||
-rw-r--r-- | package/deps.mak | 3 | ||||
-rw-r--r-- | src/include/skalibs/djbunix.h | 6 | ||||
-rw-r--r-- | src/libstddjb/prot.c | 19 | ||||
-rw-r--r-- | src/libstddjb/prot_grps.c | 27 | ||||
-rw-r--r-- | src/libstddjb/prot_readgroups.c | 27 |
8 files changed, 2 insertions, 104 deletions
@@ -6,7 +6,7 @@ In 2.7.0.0 - Bugfixes. - New functions: ipc_timed_sendv(), unlink_void() - dir_close() now returns void and leaves errno unchanged - - absolutepath(), sarealpath_tmp(), mininetstring functions removed + - absolutepath(), sarealpath_tmp(), mininetstring, prot functions removed - djbunix.h doesn't include env.h anymore diff --git a/doc/libstddjb/djbunix.html b/doc/libstddjb/djbunix.html index 1507bcd..db2e91e 100644 --- a/doc/libstddjb/djbunix.html +++ b/doc/libstddjb/djbunix.html @@ -311,26 +311,6 @@ Opens <em>file</em> in write-only, non-blocking mode. Returns a valid fd number if it succeeds, or -1 (and sets errno) if it fails. </p> -<h3> Privilege management </h3> - -<p> -<code> int prot_readgroups (char const *name, gid_t *tab, unsigned int max) </code> <br /> -Reads the group database (normally <tt>/etc/group</tt>, but it can be -altered via NSS) to get the list of supplementary groups for user <em>name</em>. -Stores that list into the array pointed to by <em>tab</em>, which must be -preallocated. Stores at most <em>max</em> elements into <em>tab</em>. -Returns -1 and sets errno if it fails; else, returns the number of elements actually -stored into <em>tab</em>. -</p> - -<p> -<code> int prot_grps (char const *name) </code> <br /> -Sets the kernel-maintained list of supplementary groups for the current process -to the list of supplementary groups for user <em>name</em> according to the -group database. This is a privileged operation. -Returns -1 and sets errno if it fails; returns 0 if it succeeds. -</p> - <h3> Executable search and execution, and environment </h3> <p> diff --git a/doc/upgrade.html b/doc/upgrade.html index eb10441..3f1f1d9 100644 --- a/doc/upgrade.html +++ b/doc/upgrade.html 
@@ -23,7 +23,7 @@ <li> The <a href="libstddjb/djbunix.html">dir_close()</a> function now returns void and leaves errno unchanged. </li> <li> The <tt>absolutepath()</tt> and <tt>sarealpath_tmp()</tt> functions, as well -as the <tt>skalibs/mininetstring.h</tt> family of functions, have been removed. </li> +as the <tt>skalibs/mininetstring.h</tt> and <em>prot</em> family of functions, have been removed. </li> <li> <a href="libstddjb/djbunix.html">skalibs/djbunix.h</a> does not include <tt>skalibs/env.h</tt> anymore. </li> </ul> diff --git a/package/deps.mak b/package/deps.mak index e2751a4..f859392 100644 --- a/package/deps.mak +++ b/package/deps.mak 
@@ -455,9 +455,6 @@ src/libstddjb/pathexec_r_name.o src/libstddjb/pathexec_r_name.lo: src/libstddjb/ src/libstddjb/pathexec_run.o src/libstddjb/pathexec_run.lo: src/libstddjb/pathexec_run.c src/include/skalibs/config.h src/include/skalibs/djbunix.h src/include/skalibs/posixplz.h src/libstddjb/pipe_internal.o src/libstddjb/pipe_internal.lo: src/libstddjb/pipe_internal.c src/include/skalibs/djbunix.h src/include/skalibs/nonposix.h src/include/skalibs/sysdeps.h src/libstddjb/prog.o src/libstddjb/prog.lo: src/libstddjb/prog.c src/include/skalibs/strerr2.h -src/libstddjb/prot.o src/libstddjb/prot.lo: src/libstddjb/prot.c src/include/skalibs/djbunix.h -src/libstddjb/prot_grps.o src/libstddjb/prot_grps.lo: src/libstddjb/prot_grps.c src/include/skalibs/djbunix.h src/include/skalibs/setgroups.h -src/libstddjb/prot_readgroups.o src/libstddjb/prot_readgroups.lo: src/libstddjb/prot_readgroups.c src/include/skalibs/djbunix.h src/libstddjb/rm_rf.o src/libstddjb/rm_rf.lo: src/libstddjb/rm_rf.c src/include/skalibs/djbunix.h src/include/skalibs/skamisc.h src/libstddjb/rm_rf_in_tmp.o src/libstddjb/rm_rf_in_tmp.lo: src/libstddjb/rm_rf_in_tmp.c src/include/skalibs/direntry.h src/include/skalibs/djbunix.h src/include/skalibs/stralloc.h src/libstddjb/rm_rf_tmp.o src/libstddjb/rm_rf_tmp.lo: src/libstddjb/rm_rf_tmp.c src/include/skalibs/djbunix.h src/include/skalibs/stralloc.h diff --git a/src/include/skalibs/djbunix.h b/src/include/skalibs/djbunix.h index b8bb85c..d39df3f 100644 --- a/src/include/skalibs/djbunix.h +++ b/src/include/skalibs/djbunix.h 
@@ -71,12 +71,6 @@ extern void xpathexec0_run (char const *const *, char const *const *) gccattr_no extern void xpathexec (char const *const *) gccattr_noreturn ; extern void xpathexec0 (char const *const *) gccattr_noreturn ; -#define prot_gid(gid) setgid(gid) -#define prot_uid(uid) setuid(uid) -extern int prot_readgroups (char const *, gid_t *, unsigned int) ; -extern int prot_grps (char const *) ; -extern int prot_setuidgid (char const *) ; - extern pid_t wait_nointr (int *) ; extern pid_t waitpid_nointr (pid_t, int *, int) ; #define wait_pid(pid, wstat) waitpid_nointr(pid, (wstat), 0) diff --git a/src/libstddjb/prot.c b/src/libstddjb/prot.c deleted file mode 100644 index 6714cfb..0000000 --- a/src/libstddjb/prot.c +++ /dev/null @@ -1,19 +0,0 @@ -/* ISC license. */ - -/* MT-unsafe */ - -#include <unistd.h> -#include <pwd.h> -#include <errno.h> -#include <skalibs/djbunix.h> - -int prot_setuidgid (char const *name) -{ - struct passwd *pw = getpwnam(name) ; - if (!pw) - { - if (!errno) errno = ESRCH ; - return 0 ; - } - return !prot_grps(name) && !setgid(pw->pw_gid) && !setuid(pw->pw_uid) ; -} diff --git a/src/libstddjb/prot_grps.c b/src/libstddjb/prot_grps.c deleted file mode 100644 index c5ea35b..0000000 --- a/src/libstddjb/prot_grps.c +++ /dev/null @@ -1,27 +0,0 @@ -/* ISC license. */ - -/* MT-unsafe */ - -#include <unistd.h> -#include <pwd.h> -#include <grp.h> -#include <limits.h> -#include <errno.h> -#include <skalibs/setgroups.h> -#include <skalibs/djbunix.h> - -int prot_grps (char const *name) -{ - gid_t tab[NGROUPS_MAX] ; - struct passwd *pw ; - int n = prot_readgroups(name, tab, NGROUPS_MAX) ; - if (n < 0) return n ; - errno = 0 ; - pw = getpwnam(name) ; - if (!pw) - { - if (!errno) errno = ENOENT ; - return -1 ; - } - return setgroups_and_gid(pw->pw_gid, n, tab) ; -} diff --git a/src/libstddjb/prot_readgroups.c b/src/libstddjb/prot_readgroups.c deleted file mode 100644 index 431cf1c..0000000 --- a/src/libstddjb/prot_readgroups.c +++ /dev/null 
@@ -1,27 +0,0 @@
-/* ISC license. */
-
-/* MT-unsafe */
-
-#include <grp.h>
-#include <errno.h>
-#include <string.h>
-#include <skalibs/djbunix.h>
-
-int prot_readgroups (char const *name, gid_t *tab, unsigned int max)
-{
- unsigned int n = 0 ;
- for (;;)
- {
- struct group *gr ;
- char **member ;
- errno = 0 ;
- if (n >= max) break ;
- gr = getgrent() ;
- if (!gr) break ;
- for (member = gr->gr_mem ; *member ; member++)
- if (!strcmp(name, *member)) break ;
- if (*member) tab[n++] = gr->gr_gid ;
- }
- endgrent() ;
- return errno ? -1 : n ;
-} |