svn commit: r263940 - head/usr.bin/units
Eitan Adler
eadler at FreeBSD.org
Sun Mar 30 16:04:48 UTC 2014
Author: eadler
Date: Sun Mar 30 16:04:47 2014
New Revision: 263940
URL: http://svnweb.freebsd.org/changeset/base/263940
Log:
add capsicum to units(1)
Modified:
head/usr.bin/units/units.c
Modified: head/usr.bin/units/units.c
==============================================================================
--- head/usr.bin/units/units.c Sun Mar 30 15:30:33 2014 (r263939)
+++ head/usr.bin/units/units.c Sun Mar 30 16:04:47 2014 (r263940)
@@ -22,11 +22,14 @@ static const char rcsid[] =
#include <ctype.h>
#include <err.h>
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <sys/capsicum.h>
+
#include "pathnames.h"
#define VERSION "1.0"
@@ -112,6 +115,7 @@ readunits(const char *userfile)
FILE *unitfile;
char line[512], *lineptr;
int len, linenum, i;
+ cap_rights_t unitfilerights;
unitcount = 0;
linenum = 0;
@@ -143,6 +147,12 @@ readunits(const char *userfile)
errx(1, "can't find units file '%s'", UNITSFILE);
}
}
+ if (cap_enter() < 0 && errno != ENOSYS)
+ err(1, "unable to enter capability mode");
+ cap_rights_init(&unitfilerights, CAP_READ, CAP_FSTAT);
+ if (cap_rights_limit(fileno(unitfile), &unitfilerights) < 0
+ && errno != ENOSYS)
+ err(1, "cap_rights_limit() failed");
while (!feof(unitfile)) {
if (!fgets(line, sizeof(line), unitfile))
break;
More information about the svn-src-all
mailing list