Date: Mon, 3 Mar 2014 23:19:29 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r262718 - stable/10/crypto/openssh Message-ID: <201403032319.s23NJTBN072528@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Mon Mar 3 23:19:28 2014 New Revision: 262718 URL: http://svnweb.freebsd.org/changeset/base/262718 Log: MFC r261499 (pjd): Fix installations that use kernels without CAPABILITIES support. Modified: stable/10/crypto/openssh/sandbox-capsicum.c Directory Properties: stable/10/ (props changed) Modified: stable/10/crypto/openssh/sandbox-capsicum.c ============================================================================== --- stable/10/crypto/openssh/sandbox-capsicum.c Mon Mar 3 20:28:27 2014 (r262717) +++ stable/10/crypto/openssh/sandbox-capsicum.c Mon Mar 3 23:19:28 2014 (r262718) @@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo fatal("can't limit stderr: %m"); cap_rights_init(&rights, CAP_READ, CAP_WRITE); - if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1) + if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1 && + errno != ENOSYS) fatal("%s: failed to limit the network socket", __func__); cap_rights_init(&rights, CAP_WRITE); - if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1) + if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1 && + errno != ENOSYS) fatal("%s: failed to limit the logging socket", __func__); if (cap_enter() < 0 && errno != ENOSYS) fatal("%s: failed to enter capability mode", __func__);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403032319.s23NJTBN072528>