svn commit: r261499 - head/crypto/openssh
Pawel Jakub Dawidek
pjd at FreeBSD.org
Tue Feb 4 21:48:09 UTC 2014
Author: pjd
Date: Tue Feb 4 21:48:09 2014
New Revision: 261499
URL: http://svnweb.freebsd.org/changeset/base/261499
Log:
Fix installations that use kernels without CAPABILITIES support.
Approved by: des
Modified:
head/crypto/openssh/sandbox-capsicum.c
Modified: head/crypto/openssh/sandbox-capsicum.c
==============================================================================
--- head/crypto/openssh/sandbox-capsicum.c Tue Feb 4 21:43:53 2014 (r261498)
+++ head/crypto/openssh/sandbox-capsicum.c Tue Feb 4 21:48:09 2014 (r261499)
@@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo
fatal("can't limit stderr: %m");
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1)
+ if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1 &&
+ errno != ENOSYS)
fatal("%s: failed to limit the network socket", __func__);
cap_rights_init(&rights, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1)
+ if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1 &&
+ errno != ENOSYS)
fatal("%s: failed to limit the logging socket", __func__);
if (cap_enter() < 0 && errno != ENOSYS)
fatal("%s: failed to enter capability mode", __func__);
More information about the svn-src-all
mailing list