git: b0c7eaf83d21 - main - bhyve/slirp: Drop privileges before entering capability mode
Date: Mon, 24 Nov 2025 14:29:08 UTC
The branch main has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=b0c7eaf83d21bbc333e247ab9e136965b3ca54ed
commit b0c7eaf83d21bbc333e247ab9e136965b3ca54ed
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-11-24 14:15:27 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-11-24 14:28:42 +0000
bhyve/slirp: Drop privileges before entering capability mode
When in restricted mode, the slirp-helper process enters a capsicum
sandbox, after which we cannot look up the uid for the "nobody" user.
Reverse the order.
Reported by: kp
Fixes: 0e62ebd20172 ("bhyve: Move the slirp backend out into a separate process")
---
usr.sbin/bhyve/slirp/slirp-helper.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/usr.sbin/bhyve/slirp/slirp-helper.c b/usr.sbin/bhyve/slirp/slirp-helper.c
index ee62dd212369..06f393aab724 100644
--- a/usr.sbin/bhyve/slirp/slirp-helper.c
+++ b/usr.sbin/bhyve/slirp/slirp-helper.c
@@ -547,6 +547,11 @@ main(int argc, char **argv)
priv.slirp = slirp;
+ /*
+ * Drop root privileges if we have them.
+ */
+ drop_privs();
+
/*
* In restricted mode, we can enter a Capsicum sandbox without losing
* functionality.
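Review bot: The comment added above drop_privs() still says only "Drop root privileges if we have them." and does not record why the call now has to sit before the Capsicum block. Per the commit message, the uid for the "nobody" user cannot be looked up once the sandbox has been entered, so I would state that ordering constraint in the comment (for example, that this must happen before caph_enter() because the uid lookup is not possible in capability mode). Otherwise a later cleanup could move the call back below the sandbox without noticing.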
@@ -554,11 +559,6 @@ main(int argc, char **argv)
if (restricted && caph_enter() != 0)
err(1, "caph_enter");
- /*
- * Drop root privileges if we have them.
- */
- drop_privs();
-
/*
* Enter our main loop. If bhyve goes away, we should observe a hangup
* on the socket and exit.
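Review bot: In unrestricted mode the "restricted && caph_enter() != 0" check at the top of this hunk is skipped, so the earlier drop_privs() is the only privilege reduction on that path before the main loop, and its call site does not check a result. Please confirm that drop_privs() terminates the helper on failure rather than returning. The diffstat touches only slirp-helper.c, so a regression test that starts the helper in restricted mode as root would also be worth adding to catch a reordering like the one fixed here.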