svn commit: r262718 - stable/10/crypto/openssh
Xin LI
delphij at FreeBSD.org
Mon Mar 3 23:19:29 UTC 2014
Author: delphij
Date: Mon Mar 3 23:19:28 2014
New Revision: 262718
URL: http://svnweb.freebsd.org/changeset/base/262718
Log:
MFC r261499 (pjd):
Fix installations that use kernels without CAPABILITIES support.
Modified:
stable/10/crypto/openssh/sandbox-capsicum.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/crypto/openssh/sandbox-capsicum.c
==============================================================================
--- stable/10/crypto/openssh/sandbox-capsicum.c Mon Mar 3 20:28:27 2014 (r262717)
+++ stable/10/crypto/openssh/sandbox-capsicum.c Mon Mar 3 23:19:28 2014 (r262718)
@@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo
fatal("can't limit stderr: %m");
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1)
+ if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1 &&
+ errno != ENOSYS)
fatal("%s: failed to limit the network socket", __func__);
cap_rights_init(&rights, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1)
+ if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1 &&
+ errno != ENOSYS)
fatal("%s: failed to limit the logging socket", __func__);
if (cap_enter() < 0 && errno != ENOSYS)
fatal("%s: failed to enter capability mode", __func__);
More information about the svn-src-all
mailing list