Date: Mon, 8 Feb 2010 18:26:36 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 174474 for review Message-ID: <201002081826.o18IQaES059371@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/chv.cgi?CH=174474 Change 174474 by trasz@trasz_victim on 2010/02/08 18:26:15 Prevent foot shooting by using HRL-enabled world without HRL-enabled kernel. Affected files ... .. //depot/projects/soc2009/trasz_limits/lib/libutil/login_class.c#5 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/lib/libutil/login_class.c#5 (text+ko) ==== @@ -425,6 +425,7 @@ quad_t p; mode_t mymask; login_cap_t *llc = NULL; + sig_t prevsig; struct rtprio rtp; int error; @@ -512,13 +513,21 @@ return (-1); } - if (lc != NULL && lc->lc_class != NULL) { + if (lc != NULL && lc->lc_class != NULL && (flags & LOGIN_SETLOGINCLASS)) { /* Inform the kernel about current login class */ - if ((flags & LOGIN_SETLOGINCLASS) && - setloginclass(lc->lc_class) != 0) { + /* + * XXX: This is a workaround to fail gracefully in case the kernel + * does not support setloginclass(2). + */ + prevsig = signal(SIGSYS, SIG_IGN); + error = setloginclass(lc->lc_class); + signal(SIGSYS, prevsig); + if (error != 0) { syslog(LOG_ERR, "setloginclass(%s): %m", lc->lc_class); +#ifdef notyet login_close(llc); return (-1); +#endif } }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201002081826.o18IQaES059371>