svn commit: r314098 - head/usr.bin/lam
Allan Jude
allanjude at FreeBSD.org
Wed Feb 22 15:30:58 UTC 2017
Author: allanjude
Date: Wed Feb 22 15:30:57 2017
New Revision: 314098
URL: https://svnweb.freebsd.org/changeset/base/314098
Log:
lam(1): Failing to restrict stdin/stdout/stderr should not be fatal
When fed from a pipe, lam(1) would sometimes fail:
lam: unable to limit stdio: Capabilities insufficient
fixed regression in portsnap(8) introduced in r313938
This broke portsnap(8), the app that the capsicumization of lam(1) was
meant to secure.
# portsnap fetch update
Looking up portsnap.FreeBSD.org mirrors... 6 mirrors found.
Fetching snapshot tag from ec2-eu-west-1.portsnap.freebsd.org... done.
Fetching snapshot metadata... done.
Updating from Tue Feb 21 16:05:39 MSK 2017 to Tue Feb 21 16:59:30 MSK 2017.
Fetching 5 metadata patches.lam: unable to limit stdio: Capabilities insufficient
done.
Applying metadata patches... done.
Fetching 5 metadata files... lam: unable to limit stdio: Capabilities insufficient
/usr/sbin/portsnap: cannot open 8c94d2c3f8fcea20eb1fd82021566c99c63a010e6b3702ee11e7a491795bcfb8.gz: No such file or directory
metadata is corrupt.
Reported by: Vladimir Zakharov <zakharov.vv at gmail.com>, Ben Woods <woodsb02 at gmail.com>
Modified:
head/usr.bin/lam/lam.c
Modified: head/usr.bin/lam/lam.c
==============================================================================
--- head/usr.bin/lam/lam.c Wed Feb 22 10:21:39 2017 (r314097)
+++ head/usr.bin/lam/lam.c Wed Feb 22 15:30:57 2017 (r314098)
@@ -95,8 +95,7 @@ main(int argc, char *argv[])
* mode.
*/
caph_cache_catpages();
- if (caph_limit_stdio() == -1)
- err(1, "unable to limit stdio");
+ caph_limit_stdio();
if (cap_enter() < 0 && errno != ENOSYS)
err(1, "unable to enter capability mode");
More information about the svn-src-all
mailing list