Author: delphij
Date: Mon Mar 3 23:19:28 2014
New Revision: 262718
URL: http://svnweb.freebsd.org/changeset/base/262718
Log:
MFC r261499 (pjd):
Fix installations that use kernels without CAPABILITIES support.
Modified:
stable/10/crypto/openssh/sandbox-capsicum.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/crypto/openssh/sandbox-capsicum.c
==============================================================================
--- stable/10/crypto/openssh/sandbox-capsicum.c Mon Mar 3 20:28:27 2014
(r262717)
+++ stable/10/crypto/openssh/sandbox-capsicum.c Mon Mar 3 23:19:28 2014
(r262718)
@@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo
fatal("can't limit stderr: %m");
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1)
+ if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1 &&
+ errno != ENOSYS)
fatal("%s: failed to limit the network socket", __func__);
cap_rights_init(&rights, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1)
+ if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1 &&
+ errno != ENOSYS)
fatal("%s: failed to limit the logging socket", __func__);
if (cap_enter() < 0 && errno != ENOSYS)
fatal("%s: failed to enter capability mode", __func__);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
