diff options
author | Darren Tucker <dtucker@zip.com.au> | 2014-01-18 22:12:15 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2014-01-18 22:12:15 +1100 |
commit | 841f7da89ae8b367bb502d61c5c41916c6e7ae4c (patch) | |
tree | a14ba4191d3de5c7cf4334b83717324b04704a6c /sandbox-capsicum.c | |
parent | fdce3731660699b2429e93e822f2ccbaccd163ae (diff) |
- (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
return value check for cap_enter() consistent with the other uses in
FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140.
Diffstat (limited to 'sandbox-capsicum.c')
-rw-r--r-- | sandbox-capsicum.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sandbox-capsicum.c b/sandbox-capsicum.c index 5853a13ef..f648c6ece 100644 --- a/sandbox-capsicum.c +++ b/sandbox-capsicum.c | |||
@@ -87,9 +87,9 @@ ssh_sandbox_child(struct ssh_sandbox *box) | |||
87 | if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) | 87 | if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) |
88 | fatal("can't limit stdin: %m"); | 88 | fatal("can't limit stdin: %m"); |
89 | if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) | 89 | if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) |
90 | fatal("can't limit stdin: %m"); | 90 | fatal("can't limit stdout: %m"); |
91 | if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS) | 91 | if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS) |
92 | fatal("can't limit stdin: %m"); | 92 | fatal("can't limit stderr: %m"); |
93 | 93 | ||
94 | cap_rights_init(&rights, CAP_READ, CAP_WRITE); | 94 | cap_rights_init(&rights, CAP_READ, CAP_WRITE); |
95 | if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1) | 95 | if (cap_rights_limit(box->monitor->m_recvfd, &rights) == -1) |
@@ -97,7 +97,7 @@ ssh_sandbox_child(struct ssh_sandbox *box) | |||
97 | cap_rights_init(&rights, CAP_WRITE); | 97 | cap_rights_init(&rights, CAP_WRITE); |
98 | if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1) | 98 | if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) == -1) |
99 | fatal("%s: failed to limit the logging socket", __func__); | 99 | fatal("%s: failed to limit the logging socket", __func__); |
100 | if (cap_enter() != 0 && errno != ENOSYS) | 100 | if (cap_enter() < 0 && errno != ENOSYS) |
101 | fatal("%s: failed to enter capability mode", __func__); | 101 | fatal("%s: failed to enter capability mode", __func__); |
102 | 102 | ||
103 | } | 103 | } |