use anyhow::Result;
pub trait Privilege: Send + Sync {
fn is_privileged(&self) -> bool;
async fn drop_privileges(&self, username: &str) -> Result<()>;
async fn elevate_privileges(&self, f: F) -> Result<R>
where F: AsyncFnOnce<Output = Result<R> + Send>,
R: Send;
async fn set_capabilities(&self, caps: &[Capability]);
}
pub enum Capability {
NetBindService,
NetAdmin,
NetRaw,
SysChroot,
SetUid,
SetGid,
Custom(String),
}