d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix installations that use kernels without CAPABILITIES support.

Browse Source 
Approved by:	des
This commit is contained in:
Pawel Jakub Dawidek 2014-02-04 21:48:09 +00:00
parent 49133c6d52
commit d62289d013
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=261499
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/openssh/sandbox-capsicum.c
View File

@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *box)
fatal("can't limit stderr: %m");
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1)
if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1 &&
errno != ENOSYS)
fatal("%s: failed to limit the network socket", __func__);
cap_rights_init(&rights, CAP_WRITE);
if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1)
if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1 &&
errno != ENOSYS)
fatal("%s: failed to limit the logging socket", __func__);
if (cap_enter() < 0 && errno != ENOSYS)
fatal("%s: failed to enter capability mode", __func__);