From: Roy Marples <roy@marples.name>
Date: Fri, 5 Jun 2020 12:51:51 +0000 (+0100)
Subject: Linux: resource limits don't easily work here either....
X-Git-Tag: v9.1.2~42
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bbc8b10a5aa9e0f8d72be2a103619a1aeb0bb933;p=thirdparty%2Fdhcpcd.git

Linux: resource limits don't easily work here either....
---

diff --git a/src/if.c b/src/if.c
index 69a5003c..fd05bec4 100644
--- a/src/if.c
+++ b/src/if.c
@@ -127,8 +127,10 @@ if_closesockets(struct dhcpcd_ctx *ctx)
 
 	if (ctx->pf_inet_fd != -1)
 		close(ctx->pf_inet_fd);
+#ifdef PF_LINK
 	if (ctx->pf_link_fd != -1)
 		close(ctx->pf_link_fd);
+#endif
 
 	if (ctx->priv) {
 		if_closesockets_os(ctx);
diff --git a/src/privsep.c b/src/privsep.c
index b9bc61d0..89017464 100644
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -113,7 +113,7 @@ int
 ps_dropprivs(struct dhcpcd_ctx *ctx)
 {
 	struct passwd *pw = ctx->ps_user;
-#if !defined(HAVE_PLEDGE)
+#if !defined(HAVE_PLEDGE) && !defined(__linux__)
 	struct rlimit rzero = { .rlim_cur = 0, .rlim_max = 0 };
 #endif
 
@@ -132,7 +132,7 @@ ps_dropprivs(struct dhcpcd_ctx *ctx)
 		return -1;
 	}
 
-#ifdef HAVE_PLEDGE
+#if defined(HAVE_PLEDGE) || defined(__linux__)
 	/* None of these resource limits work with pledge. */
 #else
 	/* Prohibit new files, sockets, etc */