sys_netbsd: don't check access to /dev/clockctl with -x

With the -x option there is no need for write access to /dev/clockctl.

diff --git a/sys.c b/sys.c
index 6359c33a16051dd14bcf2c98fbc28f15c0b71d26..1a1a43240470815510bed322fb0ea970efa70911 100644 (file)
--- a/sys.c
+++ b/sys.c
@@ -104,7 +104,7 @@ void SYS_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 #elif defined(SOLARIS) && defined(FEAT_PRIVDROP)
   SYS_Solaris_DropRoot(uid, gid, context);
 #elif (defined(NETBSD) || defined(FREEBSD)) && defined(FEAT_PRIVDROP)
-  SYS_NetBSD_DropRoot(uid, gid, context);
+  SYS_NetBSD_DropRoot(uid, gid, context, !null_driver);
 #elif defined(MACOSX) && defined(FEAT_PRIVDROP)
   SYS_MacOSX_DropRoot(uid, gid, context);
 #else

diff --git a/sys_netbsd.c b/sys_netbsd.c
index 36ffa182aa5c0569c361b5fb8e3b94e4732c2ccd..e1b99bb3f07269b1f64631025aed97129bf733e4 100644 (file)
--- a/sys_netbsd.c
+++ b/sys_netbsd.c
@@ -131,7 +131,7 @@ SYS_NetBSD_Finalise(void)
 
 #ifdef FEAT_PRIVDROP
 void
-SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
+SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_control)
 {
 #ifdef NETBSD
   int fd;
@@ -145,6 +145,9 @@ SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
   UTI_DropRoot(uid, gid);
 
 #ifdef NETBSD
+  if (!clock_control)
+    return;
+
   /* Check if we have write access to /dev/clockctl */
   fd = open("/dev/clockctl", O_WRONLY);
   if (fd < 0)

diff --git a/sys_netbsd.h b/sys_netbsd.h
index 756bc8a0add22fa742731d29ce894038d0eb0c02..7a05e6c983f208f9457f8475c8cceb81f29be817 100644 (file)
--- a/sys_netbsd.h
+++ b/sys_netbsd.h
@@ -34,6 +34,6 @@ void SYS_NetBSD_Initialise(void);
 
 void SYS_NetBSD_Finalise(void);
 
-void SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context);
+void SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_control);
 
 #endif