privsep: allow --chrootdir= to configure a default chroot directory

diff --git a/configure b/configure
index 3e2e20fd61c6f07d1660df2ed8648d4cdf09e1ad..a7ae924159be38d4a9bc7c80a8ffc826f8e4976a 100755 (executable)
--- a/configure
+++ b/configure
@@ -13,6 +13,7 @@ IPV4LL=
 INET6=
 PRIVSEP=
 PRIVSEP_USER=
+PRIVSEP_CHROOT=
 ARC4RANDOM=
 CLOSEFROM=
 RBTREE=
@@ -71,6 +72,7 @@ for x do
        --disable-privsep) PRIVSEP=no;;
        --enable-privsep) PRIVSEP=yes;;
        --privsepuser) PRIVSEP_USER=$var;;
+       --chrootdir) PRIVSEP_CHROOT=$var;;
        --prefix) PREFIX=$var;;
        --sysconfdir) SYSCONFDIR=$var;;
        --bindir|--sbindir) SBINDIR=$var;;
@@ -579,9 +581,17 @@ if [ "$PRIVSEP" = yes ]; then
 
        echo "CPPFLAGS+=        -DPRIVSEP" >>$CONFIG_MK
        echo "PRIVSEP_USER?=    $PRIVSEP_USER" >>$CONFIG_MK
+       if [ -n "$PRIVSEP_CHROOT" ]; then
+               echo "PRIVSEP_CHROOT=   $PRIVSEP_CHROOT" >>$CONFIG_MK
+       fi
        echo "#ifndef PRIVSEP_USER" >>$CONFIG_H
        echo "#define PRIVSEP_USER               \"$PRIVSEP_USER\"" >>$CONFIG_H
        echo "#endif" >>$CONFIG_H
+       if [ -n "$PRIVSEP_CHROOT" ]; then
+               echo "#ifndef PRIVSEP_CHROOT" >>$CONFIG_H
+               echo "#define PRIVSEP_CHROOT    \"$PRIVSEP_CHROOT\"" >>$CONFIG_H
+               echo "#endif" >>$CONFIG_H
+       fi
        echo "DHCPCD_SRCS+=     privsep.c privsep-root.c privsep-inet.c" \
                >>$CONFIG_MK
        if [ -z "$INET" ] || [ "$INET" = yes ]; then

diff --git a/src/dhcpcd.c b/src/dhcpcd.c
index 67ae0b2ec24fc906badc9b327ff5459d84281a5e..839209f9811790399223aa9fc33c2dd65aeba7c9 100644 (file)
--- a/src/dhcpcd.c
+++ b/src/dhcpcd.c
@@ -1826,6 +1826,9 @@ main(int argc, char **argv)
 #endif
 #ifdef PRIVSEP
        ctx.ps_root_fd = ctx.ps_data_fd = -1;
+#ifdef PRIVSEP_CHROOT
+       ctx.ps_chroot = PRIVSEP_CHROOT;
+#endif
        TAILQ_INIT(&ctx.ps_processes);
 #endif
        rt_init(&ctx);