Date: Mon, 8 Jun 2009 09:18:13 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 163770 for review Message-ID: <200906080918.n589IDSn004953@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=163770 Change 163770 by rwatson@rwatson_freebsd_capabilities on 2009/06/08 09:17:47 Add a few more utility libraries necessary to run common binaries for experimentation purposes. Finish expunging LDSO_MODE, we always use rtld-elf-cap.so now. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/Makefile#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/cap_exec.c#6 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/Makefile#2 (text+ko) ==== @@ -1,5 +1,5 @@ PROG=cap_exec NO_MAN= -CFLAGS=-Wall -g -DLDSO_MODE +CFLAGS=-Wall -g .include <bsd.prog.mk> ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/cap_exec.c#6 (text+ko) ==== @@ -47,7 +47,6 @@ extern char **environ; -#ifdef LDSO_MODE #define LD_ELF_CAP_SO "/libexec/ld-elf-cap.so.1" char *ldso_argv[] = { LD_ELF_CAP_SO, @@ -55,8 +54,11 @@ }; #define LIBC_SO "libc.so.7" +#define LIBEDIT_SO "libedit.so.6" +#define LIBNCURSES_SO "libncurses.so.7" +#define LIBCRYPT_SO "libcrypt.so.4" + #define LIBPATH "/lib/" -#endif #define BASE_CAPS (CAP_IOCTL | CAP_EVENT | CAP_SEEK | CAP_FSTAT) #define STDIN_CAPS (BASE_CAPS | CAP_READ) @@ -95,7 +97,8 @@ int main(int argc, char *argv[]) { - int fd_exec, fd_ldso, fd_libc, fd_procdesc; + int fd_exec, fd_ldso, fd_procdesc; + int fd_libc, fd_libcrypt, fd_libedit, fd_libncurses; char *env_caplibindex; struct pollfd pollfd; pid_t pid; @@ -128,8 +131,19 @@ if (fcntl(fd_ldso, F_SETFD, FD_CLOEXEC) < 0) err(-1, "fcntl FD_CLOEXEC"); fd_libc = cap_open_limit(LIBPATH LIBC_SO, O_RDONLY, BIN_CAPS); - if (asprintf(&env_caplibindex, "%d:%s", fd_libc, LIBC_SO) == - -1) + fd_libcrypt = cap_open_limit(LIBPATH LIBCRYPT_SO, + O_RDONLY, BIN_CAPS); + fd_libedit = cap_open_limit(LIBPATH LIBEDIT_SO, O_RDONLY, + BIN_CAPS); + fd_libncurses = cap_open_limit(LIBPATH LIBNCURSES_SO, + O_RDONLY, BIN_CAPS); + + if (asprintf(&env_caplibindex, "%d:%s,%d:%s,%d:%s,%d:%s", + fd_libc, LIBC_SO, + fd_libcrypt, LIBCRYPT_SO, + fd_libedit, LIBEDIT_SO, + fd_libncurses, LIBNCURSES_SO + ) == -1) err(-1, "asprintf"); setenv("LD_CAPLIBINDEX", env_caplibindex, 1);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906080918.n589IDSn004953>