Linux: resource limits don't easily work here either....

author Roy Marples <roy@marples.name>

Fri, 5 Jun 2020 12:51:51 +0000 (13:51 +0100)

committer Roy Marples <roy@marples.name>

Fri, 5 Jun 2020 12:51:51 +0000 (13:51 +0100)
author Roy Marples <roy@marples.name>
Fri, 5 Jun 2020 12:51:51 +0000 (13:51 +0100)
committer Roy Marples <roy@marples.name>
Fri, 5 Jun 2020 12:51:51 +0000 (13:51 +0100)
diff --git a/src/if.c b/src/if.c

index 69a5003c07ccf8350787f5787bf99ba67faee511..fd05bec40b984f3db4cb240dc1bceebf3eb19002 100644 (file)
--- a/src/if.c
+++ b/src/if.c
@@ -127,8 +127,10 @@ if_closesockets(struct dhcpcd_ctx *ctx)
  
         if (ctx->pf_inet_fd != -1)
                 close(ctx->pf_inet_fd);
+#ifdef PF_LINK
         if (ctx->pf_link_fd != -1)
                 close(ctx->pf_link_fd);
+#endif
  
         if (ctx->priv) {
                 if_closesockets_os(ctx);
diff --git a/src/privsep.c b/src/privsep.c

index b9bc61d012a025995a93e3af95c2ef784df9f004..8901746444fc6094de61ce0afc3a383f37ac599c 100644 (file)
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -113,7 +113,7 @@ int
  ps_dropprivs(struct dhcpcd_ctx *ctx)
  {
         struct passwd *pw = ctx->ps_user;
-#if !defined(HAVE_PLEDGE)
+#if !defined(HAVE_PLEDGE) && !defined(__linux__)
         struct rlimit rzero = { .rlim_cur = 0, .rlim_max = 0 };
  #endif
  
@@ -132,7 +132,7 @@ ps_dropprivs(struct dhcpcd_ctx *ctx)
                 return -1;
         }
  
-#ifdef HAVE_PLEDGE
+#if defined(HAVE_PLEDGE) || defined(__linux__)
         /* None of these resource limits work with pledge. */
  #else
         /* Prohibit new files, sockets, etc */
author	Roy Marples <roy@marples.name>
	Fri, 5 Jun 2020 12:51:51 +0000 (13:51 +0100)
committer	Roy Marples <roy@marples.name>
	Fri, 5 Jun 2020 12:51:51 +0000 (13:51 +0100)
src/if.c		patch \| blob \| blame \| history
src/privsep.c		patch \| blob \| blame \| history