privsep: Dump leases from stdin in a limited sandbox

diff --git a/src/dhcpcd.c b/src/dhcpcd.c
index 9c47ca7cf267931cf41fecf908ac4bef0b7bbb50..861ff3bfeac049c892c7fec0acbff1bb94ee610f 100644 (file)
--- a/src/dhcpcd.c
+++ b/src/dhcpcd.c
@@ -2135,11 +2135,20 @@ printpidfile:
        }
 #endif
 
+#ifdef PRIVSEP
+       ps_init(&ctx);
+#endif
+
 #ifndef SMALL
        if (ctx.options & DHCPCD_DUMPLEASE &&
            ioctl(fileno(stdin), FIONREAD, &i, sizeof(i)) == 0 &&
            i > 0)
        {
+               ctx.options |= DHCPCD_FORKED; /* pretend child process */
+#ifdef PRIVSEP
+               if (IN_PRIVSEP(&ctx) && ps_mastersandbox(&ctx) == -1)
+                       goto exit_failure;
+#endif
                ifp = calloc(1, sizeof(*ifp));
                if (ifp == NULL) {
                        logerr(__func__);
@@ -2241,11 +2250,6 @@ printpidfile:
        if (freopen(_PATH_DEVNULL, "r", stdin) == NULL)
                logerr("%s: freopen stdin", __func__);
 
-
-#ifdef PRIVSEP
-       ps_init(&ctx);
-#endif
-
 #if defined(USE_SIGNALS) && !defined(THERE_IS_NO_FORK)
        if (xsocketpair(AF_UNIX, SOCK_DGRAM | SOCK_CXNB, 0, fork_fd) == -1 ||
            xsocketpair(AF_UNIX, SOCK_DGRAM | SOCK_CXNB, 0, stderr_fd) == -1)

diff --git a/src/privsep.c b/src/privsep.c
index 98d57857785e0054c6b3d27fb90c94b5516de10d..5a10d26aad91c7bfa12b51fd2017dc737f1b228a 100644 (file)
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -480,8 +480,9 @@ ps_mastersandbox(struct dhcpcd_ctx *ctx)
        }
 
 #ifdef PRIVSEP_RIGHTS
-       if (ps_rights_limit_ioctl(ctx->pf_inet_fd) == -1 ||
-            ps_rights_limit_fd(ctx->link_fd) == -1 ||
+       if ((ctx->pf_inet_fd != -1 &&
+           ps_rights_limit_ioctl(ctx->pf_inet_fd) == -1) ||
+           (ctx->link_fd != -1 && ps_rights_limit_fd(ctx->link_fd) == -1) ||
             ps_rights_limit_stdio() == -1)
        {
                logerr("%s: cap_rights_limit", __func__);