subr.c (222224) | subr.c (223584) |
---|---|
1/*- 2 * Copyright (c) 2010 The FreeBSD Foundation 3 * Copyright (c) 2011 Pawel Jakub Dawidek <pawel@dawidek.net> 4 * All rights reserved. 5 * 6 * This software was developed by Pawel Jakub Dawidek under sponsorship from 7 * the FreeBSD Foundation. 8 * --- 15 unchanged lines hidden (view full) --- 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 */ 30 31#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 2010 The FreeBSD Foundation 3 * Copyright (c) 2011 Pawel Jakub Dawidek <pawel@dawidek.net> 4 * All rights reserved. 5 * 6 * This software was developed by Pawel Jakub Dawidek under sponsorship from 7 * the FreeBSD Foundation. 8 * --- 15 unchanged lines hidden (view full) --- 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 */ 30 31#include <sys/cdefs.h> |
32__FBSDID("$FreeBSD: head/sbin/hastd/subr.c 222224 2011-05-23 20:59:50Z pjd $"); | 32__FBSDID("$FreeBSD: head/sbin/hastd/subr.c 223584 2011-06-27 09:10:48Z pjd $"); |
33 34#include <sys/capability.h> 35#include <sys/param.h> 36#include <sys/disk.h> 37#include <sys/ioctl.h> 38#include <sys/jail.h> 39#include <sys/stat.h> 40 --- 184 unchanged lines hidden (view full) --- 225 } 226 227 /* 228 * Until capsicum doesn't allow ioctl(2) we cannot use it to sandbox 229 * primary and secondary worker processes, as primary uses GGATE 230 * ioctls and secondary uses ioctls to handle BIO_DELETE and BIO_FLUSH. 231 * For now capsicum is only used to sandbox hastctl. 232 */ | 33 34#include <sys/capability.h> 35#include <sys/param.h> 36#include <sys/disk.h> 37#include <sys/ioctl.h> 38#include <sys/jail.h> 39#include <sys/stat.h> 40 --- 184 unchanged lines hidden (view full) --- 225 } 226 227 /* 228 * Until capsicum doesn't allow ioctl(2) we cannot use it to sandbox 229 * primary and secondary worker processes, as primary uses GGATE 230 * ioctls and secondary uses ioctls to handle BIO_DELETE and BIO_FLUSH. 231 * For now capsicum is only used to sandbox hastctl. 232 */ |
233 if (res == NULL) | 233 if (res == NULL) { |
234 capsicum = (cap_enter() == 0); | 234 capsicum = (cap_enter() == 0); |
235 else | 235 if (!capsicum) { 236 pjdlog_common(LOG_DEBUG, 1, errno, 237 "Unable to sandbox using capsicum"); 238 } 239 } else |
236 capsicum = false; 237 238 /* 239 * Better be sure that everything succeeded. 240 */ 241 PJDLOG_VERIFY(getresuid(&ruid, &euid, &suid) == 0); 242 PJDLOG_VERIFY(ruid == pw->pw_uid); 243 PJDLOG_VERIFY(euid == pw->pw_uid); --- 15 unchanged lines hidden --- | 240 capsicum = false; 241 242 /* 243 * Better be sure that everything succeeded. 244 */ 245 PJDLOG_VERIFY(getresuid(&ruid, &euid, &suid) == 0); 246 PJDLOG_VERIFY(ruid == pw->pw_uid); 247 PJDLOG_VERIFY(euid == pw->pw_uid); --- 15 unchanged lines hidden --- |
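Review bot: The new `if (!capsicum)` branch records a failed cap_enter() only at LOG_DEBUG with a verbosity threshold of 1, so in a default configuration hastctl silently keeps running outside the sandbox, which is a security-relevant degradation an operator would normally want to see; consider `pjdlog_common(LOG_WARNING, 0, errno, "Unable to sandbox using capsicum");`, assuming the second argument is the debug-level threshold as it appears to be (confirm against pjdlog's declaration). The errno read is fine as written, since nothing runs between cap_enter() returning and the log call. It would also help to spell out the policy above the branch, e.g. `/* Best-effort: on failure hastctl continues unsandboxed; capsicum stays false. */`, because the existing comment only explains why the worker processes are excluded. The enclosing function begins and ends outside this hunk, so how `capsicum` is consumed afterwards is not visible here.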