From df301b7eb76964b7a3141bb1062c9e79d272b0d7 Mon Sep 17 00:00:00 2001
From: Ruslan Kuprieiev <kupruser@gmail.com>
Date: Thu, 29 Jan 2015 22:59:27 +0200
Subject: [PATCH] security: create separate security.h header

Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
---
 cr-dump.c          |  1 +
 cr-restore.c       |  1 +
 cr-service.c       |  1 +
 crtools.c          |  1 +
 include/crtools.h  |  6 ------
 include/security.h | 12 ++++++++++++
 ptrace.c           |  1 +
 7 files changed, 17 insertions(+), 6 deletions(-)
 create mode 100644 include/security.h

diff --git a/cr-dump.c b/cr-dump.c
index cfdde34a0..cc5245589 100644
--- a/cr-dump.c
+++ b/cr-dump.c
@@ -73,6 +73,7 @@
 #include "sysfs_parse.h"
 #include "action-scripts.h"
 #include "aio.h"
+#include "security.h"
 
 #include "asm/dump.h"
 
diff --git a/cr-restore.c b/cr-restore.c
index 0a178ee04..95e6fd127 100644
--- a/cr-restore.c
+++ b/cr-restore.c
@@ -73,6 +73,7 @@
 #include "file-lock.h"
 #include "action-scripts.h"
 #include "aio.h"
+#include "security.h"
 
 #include "parasite-syscall.h"
 
diff --git a/cr-service.c b/cr-service.c
index eb33048eb..d202d14af 100644
--- a/cr-service.c
+++ b/cr-service.c
@@ -27,6 +27,7 @@
 #include "mount.h"
 #include "cgroup.h"
 #include "action-scripts.h"
+#include "security.h"
 
 #include "setproctitle.h"
 
diff --git a/crtools.c b/crtools.c
index cf2fdf24c..0b3c497c4 100644
--- a/crtools.c
+++ b/crtools.c
@@ -38,6 +38,7 @@
 #include "cgroup.h"
 #include "cpu.h"
 #include "action-scripts.h"
+#include "security.h"
 
 #include "setproctitle.h"
 
diff --git a/include/crtools.h b/include/crtools.h
index 176e8b359..bbed0effd 100644
--- a/include/crtools.h
+++ b/include/crtools.h
@@ -24,12 +24,6 @@ extern int cr_check(void);
 extern int cr_exec(int pid, char **opts);
 extern int cr_dedup(void);
 
-extern int restrict_uid(unsigned int uid, unsigned int gid);
-struct proc_status_creds;
-extern bool may_dump(struct proc_status_creds *);
-struct _CredsEntry;
-extern bool may_restore(struct _CredsEntry *);
-extern bool cr_user_is_root(void);
 extern int check_add_feature(char *arg);
 
 #endif /* __CR_CRTOOLS_H__ */
diff --git a/include/security.h b/include/security.h
new file mode 100644
index 000000000..43bfb4529
--- /dev/null
+++ b/include/security.h
@@ -0,0 +1,12 @@
+#ifndef __CR_SECURITY_H__
+#define __CR_SECURITY_H__
+
+#include "proc_parse.h"
+#include "protobuf/creds.pb-c.h"
+
+extern int restrict_uid(unsigned int uid, unsigned int gid);
+extern bool may_dump(struct proc_status_creds *);
+extern bool may_restore(struct _CredsEntry *);
+extern bool cr_user_is_root(void);
+
+#endif /* __CR_SECURITY_H__ */
diff --git a/ptrace.c b/ptrace.c
index b102a1bea..f258a4395 100644
--- a/ptrace.c
+++ b/ptrace.c
@@ -19,6 +19,7 @@
 #include "ptrace.h"
 #include "proc_parse.h"
 #include "crtools.h"
+#include "security.h"
 
 int unseize_task(pid_t pid, int orig_st, int st)
 {