Date: Tue, 19 Jun 2018 23:43:14 +0000 (UTC) From: Mariusz Zaborski <oshogbo@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r335395 - in head: bin/dd bin/echo bin/sleep bin/uuidgen contrib/dma sbin/decryptcore sbin/dhclient sbin/dumpon sbin/md5 usr.bin/basename usr.bin/cmp usr.bin/col usr.bin/diff usr.bin/di... Message-ID: <201806192343.w5JNhEBj007865@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: oshogbo Date: Tue Jun 19 23:43:14 2018 New Revision: 335395 URL: https://svnweb.freebsd.org/changeset/base/335395 Log: Convert `cap_enter() < 0 && errno != ENOSYS` to `caph_enter() < 0`. No functional change intended. Modified: head/bin/dd/dd.c head/bin/echo/echo.c head/bin/sleep/sleep.c head/bin/uuidgen/uuidgen.c head/contrib/dma/dma-mbox-create.c head/sbin/decryptcore/decryptcore.c head/sbin/dhclient/dhclient.c head/sbin/dumpon/dumpon.c head/sbin/md5/md5.c head/usr.bin/basename/basename.c head/usr.bin/cmp/cmp.c head/usr.bin/col/col.c head/usr.bin/diff/diffreg.c head/usr.bin/diff3/diff3.c head/usr.bin/dirname/dirname.c head/usr.bin/elfdump/elfdump.c head/usr.bin/getopt/getopt.c head/usr.bin/hexdump/display.c head/usr.bin/iconv/iconv.c head/usr.bin/ident/ident.c head/usr.bin/indent/indent.c head/usr.bin/jot/jot.c head/usr.bin/kdump/kdump.c head/usr.bin/ktrdump/ktrdump.c head/usr.bin/lam/lam.c head/usr.bin/last/last.c head/usr.bin/locate/bigram/locate.bigram.c head/usr.bin/logname/logname.c head/usr.bin/ministat/ministat.c head/usr.bin/pom/pom.c head/usr.bin/primes/primes.c head/usr.bin/printenv/printenv.c head/usr.bin/rwho/rwho.c head/usr.bin/tee/tee.c head/usr.bin/tr/tr.c head/usr.bin/uniq/uniq.c head/usr.bin/units/units.c head/usr.bin/write/write.c head/usr.bin/yes/yes.c head/usr.sbin/bhyve/bhyverun.c head/usr.sbin/rwhod/rwhod.c Modified: head/bin/dd/dd.c ============================================================================== --- head/bin/dd/dd.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/bin/dd/dd.c Tue Jun 19 23:43:14 2018 (r335395) @@ -98,7 +98,7 @@ main(int argc __unused, char *argv[]) setup(); caph_cache_catpages(); - if (cap_enter() == -1 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); (void)signal(SIGINFO, siginfo_handler); Modified: head/bin/echo/echo.c ============================================================================== --- head/bin/echo/echo.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/bin/echo/echo.c Tue Jun 19 23:43:14 2018 (r335395) @@ -82,7 +82,7 @@ main(int argc, char *argv[]) char newline[] = "\n"; char *progname = argv[0]; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); /* This utility may NOT do getopt(3) option parsing. */ Modified: head/bin/sleep/sleep.c ============================================================================== --- head/bin/sleep/sleep.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/bin/sleep/sleep.c Tue Jun 19 23:43:14 2018 (r335395) @@ -70,7 +70,7 @@ main(int argc, char *argv[]) time_t original; char buf[2]; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); if (argc != 2) Modified: head/bin/uuidgen/uuidgen.c ============================================================================== --- head/bin/uuidgen/uuidgen.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/bin/uuidgen/uuidgen.c Tue Jun 19 23:43:14 2018 (r335395) @@ -86,7 +86,7 @@ main(int argc, char *argv[]) caph_cache_catpages(); if (caph_limit_stdio() < 0) err(1, "Unable to limit stdio"); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "Unable to enter capability mode"); if (count == -1) Modified: head/contrib/dma/dma-mbox-create.c ============================================================================== --- head/contrib/dma/dma-mbox-create.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/contrib/dma/dma-mbox-create.c Tue Jun 19 23:43:14 2018 (r335395) @@ -166,7 +166,7 @@ main(int argc, char **argv) err(EX_OSERR, "can't limit maildirfd rights"); /* Enter Capsicum capability sandbox */ - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(EX_OSERR, "cap_enter"); #endif Modified: head/sbin/decryptcore/decryptcore.c ============================================================================== --- head/sbin/decryptcore/decryptcore.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/sbin/decryptcore/decryptcore.c Tue Jun 19 23:43:14 2018 (r335395) @@ -35,6 +35,7 @@ __FBSDID("$FreeBSD$"); #include <sys/wait.h> #include <ctype.h> +#include <capsicum_helpers.h> #include <fcntl.h> #include <stdbool.h> #include <stdlib.h> @@ -167,7 +168,7 @@ decrypt(int ofd, const char *privkeyfile, const char * goto failed; } - if (cap_enter() < 0 && errno != ENOSYS) { + if (caph_enter() < 0) { pjdlog_errno(LOG_ERR, "Unable to enter capability mode"); goto failed; } Modified: head/sbin/dhclient/dhclient.c ============================================================================== --- head/sbin/dhclient/dhclient.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/sbin/dhclient/dhclient.c Tue Jun 19 23:43:14 2018 (r335395) @@ -64,6 +64,8 @@ __FBSDID("$FreeBSD$"); #include <sys/capsicum.h> #include <sys/endian.h> +#include <capsicum_helpers.h> + #include <net80211/ieee80211_freebsd.h> #ifndef _PATH_VAREMPTY @@ -539,7 +541,7 @@ main(int argc, char *argv[]) setproctitle("%s", ifi->name); - if (CASPER_SUPPORT && cap_enter() < 0 && errno != ENOSYS) + if (caph_enter_casper() < 0) error("can't enter capability mode: %m"); if (immediate_daemon) Modified: head/sbin/dumpon/dumpon.c ============================================================================== --- head/sbin/dumpon/dumpon.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/sbin/dumpon/dumpon.c Tue Jun 19 23:43:14 2018 (r335395) @@ -50,6 +50,7 @@ __FBSDID("$FreeBSD$"); #include <sys/sysctl.h> #include <assert.h> +#include <capsicum_helpers.h> #include <err.h> #include <errno.h> #include <fcntl.h> @@ -227,7 +228,7 @@ genkey(const char *pubkeyfile, struct diocskerneldump_ if (fp == NULL) err(1, "Unable to open %s", pubkeyfile); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "Unable to enter capability mode"); pubkey = RSA_new(); Modified: head/sbin/md5/md5.c ============================================================================== --- head/sbin/md5/md5.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/sbin/md5/md5.c Tue Jun 19 23:43:14 2018 (r335395) @@ -228,8 +228,7 @@ main(int argc, char *argv[]) if (*(argv + 1) == NULL) { cap_rights_init(&rights, CAP_READ); if ((cap_rights_limit(fd, &rights) < 0 && - errno != ENOSYS) || - (cap_enter() < 0 && errno != ENOSYS)) + errno != ENOSYS) || caph_enter() < 0) err(1, "capsicum"); } if ((p = Algorithm[digest].Fd(fd, buf)) == NULL) { @@ -253,8 +252,7 @@ main(int argc, char *argv[]) } } while (*++argv); } else if (!sflag && (optind == 1 || qflag || rflag)) { - if (caph_limit_stdin() < 0 || - (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdin() < 0 || caph_enter() < 0) err(1, "capsicum"); MDFilter(&Algorithm[digest], 0); } Modified: head/usr.bin/basename/basename.c ============================================================================== --- head/usr.bin/basename/basename.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/basename/basename.c Tue Jun 19 23:43:14 2018 (r335395) @@ -67,7 +67,7 @@ main(int argc, char **argv) setlocale(LC_ALL, ""); - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); aflag = 0; Modified: head/usr.bin/cmp/cmp.c ============================================================================== --- head/usr.bin/cmp/cmp.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/cmp/cmp.c Tue Jun 19 23:43:14 2018 (r335395) @@ -188,7 +188,7 @@ main(int argc, char *argv[]) caph_cache_catpages(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(ERR_EXIT, "unable to enter capability mode"); if (!special) { Modified: head/usr.bin/col/col.c ============================================================================== --- head/usr.bin/col/col.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/col/col.c Tue Jun 19 23:43:14 2018 (r335395) @@ -144,7 +144,7 @@ main(int argc, char **argv) if (caph_limit_stdio() == -1) err(1, "unable to limit stdio"); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); max_bufd_lines = 256; Modified: head/usr.bin/diff/diffreg.c ============================================================================== --- head/usr.bin/diff/diffreg.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/diff/diffreg.c Tue Jun 19 23:43:14 2018 (r335395) @@ -334,7 +334,7 @@ diffreg(char *file1, char *file2, int flags, int capsi caph_cache_catpages(); caph_cache_tzdata(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(2, "unable to enter capability mode"); } Modified: head/usr.bin/diff3/diff3.c ============================================================================== --- head/usr.bin/diff3/diff3.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/diff3/diff3.c Tue Jun 19 23:43:14 2018 (r335395) @@ -756,7 +756,7 @@ main(int argc, char **argv) nleft++; caph_cache_catpages(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(2, "unable to enter capability mode"); /* parse diffs */ Modified: head/usr.bin/dirname/dirname.c ============================================================================== --- head/usr.bin/dirname/dirname.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/dirname/dirname.c Tue Jun 19 23:43:14 2018 (r335395) @@ -56,7 +56,7 @@ main(int argc, char **argv) char *p; int ch; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); while ((ch = getopt(argc, argv, "")) != -1) Modified: head/usr.bin/elfdump/elfdump.c ============================================================================== --- head/usr.bin/elfdump/elfdump.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/elfdump/elfdump.c Tue Jun 19 23:43:14 2018 (r335395) @@ -579,7 +579,7 @@ main(int ac, char **av) caph_limit_stdout() < 0 || caph_limit_stderr() < 0) { err(1, "unable to limit rights for stdio"); } - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); e = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0); if (e == MAP_FAILED) Modified: head/usr.bin/getopt/getopt.c ============================================================================== --- head/usr.bin/getopt/getopt.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/getopt/getopt.c Tue Jun 19 23:43:14 2018 (r335395) @@ -19,7 +19,7 @@ main(int argc, char *argv[]) int c; int status = 0; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); optind = 2; /* Past the program name and the option letters. */ Modified: head/usr.bin/hexdump/display.c ============================================================================== --- head/usr.bin/hexdump/display.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/hexdump/display.c Tue Jun 19 23:43:14 2018 (r335395) @@ -372,7 +372,7 @@ next(char **argv) * We've opened our last input file; enter capsicum sandbox. */ if (statok == 0 || *(_argv + 1) == NULL) { - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); } Modified: head/usr.bin/iconv/iconv.c ============================================================================== --- head/usr.bin/iconv/iconv.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/iconv/iconv.c Tue Jun 19 23:43:14 2018 (r335395) @@ -216,7 +216,7 @@ main(int argc, char **argv) err(EXIT_FAILURE, "iconv_open(%s, %s)", opt_t, opt_f); if (argc == 0) { - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(EXIT_FAILURE, "unable to enter capability mode"); res = do_conv(stdin, cd, opt_s, opt_c); } else { @@ -228,7 +228,7 @@ main(int argc, char **argv) err(EXIT_FAILURE, "Cannot open `%s'", argv[i]); /* Enter Capsicum sandbox for final input file. */ - if (i + 1 == argc && cap_enter() < 0 && errno != ENOSYS) + if (i + 1 == argc && caph_enter() < 0) err(EXIT_FAILURE, "unable to enter capability mode"); res |= do_conv(fp, cd, opt_s, opt_c); Modified: head/usr.bin/ident/ident.c ============================================================================== --- head/usr.bin/ident/ident.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/ident/ident.c Tue Jun 19 23:43:14 2018 (r335395) @@ -256,7 +256,7 @@ main(int argc, char **argv) } /* Enter Capsicum sandbox. */ - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(EXIT_FAILURE, "unable to enter capability mode"); for (i = 0; i < (int)nfds; i++) { Modified: head/usr.bin/indent/indent.c ============================================================================== --- head/usr.bin/indent/indent.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/indent/indent.c Tue Jun 19 23:43:14 2018 (r335395) @@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$"); #include <sys/param.h> #include <sys/capsicum.h> +#include <capsicum_helpers.h> #include <err.h> #include <errno.h> #include <fcntl.h> @@ -248,7 +249,7 @@ main(int argc, char **argv) cap_rights_init(&rights, CAP_FSTAT, CAP_READ); if (cap_rights_limit(fileno(input), &rights) < 0 && errno != ENOSYS) err(EXIT_FAILURE, "unable to limit rights for %s", in_name); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(EXIT_FAILURE, "unable to enter capability mode"); if (opt.com_ind <= 1) Modified: head/usr.bin/jot/jot.c ============================================================================== --- head/usr.bin/jot/jot.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/jot/jot.c Tue Jun 19 23:43:14 2018 (r335395) @@ -123,7 +123,7 @@ main(int argc, char **argv) */ caph_cache_catpages(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); while ((ch = getopt(argc, argv, "b:cnp:rs:w:")) != -1) Modified: head/usr.bin/kdump/kdump.c ============================================================================== --- head/usr.bin/kdump/kdump.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/kdump/kdump.c Tue Jun 19 23:43:14 2018 (r335395) @@ -434,12 +434,12 @@ main(int argc, char *argv[]) } } if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); } #else if (resolv == 0) { - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); } #endif Modified: head/usr.bin/ktrdump/ktrdump.c ============================================================================== --- head/usr.bin/ktrdump/ktrdump.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/ktrdump/ktrdump.c Tue Jun 19 23:43:14 2018 (r335395) @@ -203,7 +203,7 @@ main(int ac, char **av) * kvm_nlist() above uses kldsym(2) for native kernels, and that isn't * allowed in the sandbox. */ - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); if (iflag) { Modified: head/usr.bin/lam/lam.c ============================================================================== --- head/usr.bin/lam/lam.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/lam/lam.c Tue Jun 19 23:43:14 2018 (r335395) @@ -99,7 +99,7 @@ main(int argc, char *argv[]) * mode. */ caph_cache_catpages(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); for (;;) { Modified: head/usr.bin/last/last.c ============================================================================== --- head/usr.bin/last/last.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/last/last.c Tue Jun 19 23:43:14 2018 (r335395) @@ -190,7 +190,7 @@ main(int argc, char *argv[]) if (setutxdb(UTXDB_LOG, file) != 0) err(1, "%s", file != NULL ? file : "(default utx db)"); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "cap_enter"); if (sflag && width == 8) usage(); Modified: head/usr.bin/locate/bigram/locate.bigram.c ============================================================================== --- head/usr.bin/locate/bigram/locate.bigram.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/locate/bigram/locate.bigram.c Tue Jun 19 23:43:14 2018 (r335395) @@ -61,7 +61,6 @@ static char sccsid[] = "@(#)locate.bigram.c 8.1 (Berke #include <capsicum_helpers.h> #include <err.h> -#include <errno.h> #include <stdio.h> #include <stdlib.h> #include <sys/param.h> /* for MAXPATHLEN */ @@ -78,7 +77,7 @@ main(void) u_char *oldpath = buf1, *path = buf2; u_int i, j; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); while (fgets(path, sizeof(buf2), stdin) != NULL) { Modified: head/usr.bin/logname/logname.c ============================================================================== --- head/usr.bin/logname/logname.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/logname/logname.c Tue Jun 19 23:43:14 2018 (r335395) @@ -54,7 +54,7 @@ main(int argc, char *argv[] __unused) { char *p; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); if (argc != 1) Modified: head/usr.bin/ministat/ministat.c ============================================================================== --- head/usr.bin/ministat/ministat.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/ministat/ministat.c Tue Jun 19 23:43:14 2018 (r335395) @@ -634,7 +634,7 @@ main(int argc, char **argv) setfilenames[i]); /* Enter Capsicum sandbox. */ - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(2, "unable to enter capability mode"); for (i = 0; i < nds; i++) { Modified: head/usr.bin/pom/pom.c ============================================================================== --- head/usr.bin/pom/pom.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/pom/pom.c Tue Jun 19 23:43:14 2018 (r335395) @@ -97,7 +97,7 @@ main(int argc, char **argv) err(1, "unable to limit capabitilities for stdio"); caph_cache_catpages(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); while ((ch = getopt(argc, argv, "d:pt:")) != -1) Modified: head/usr.bin/primes/primes.c ============================================================================== --- head/usr.bin/primes/primes.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/primes/primes.c Tue Jun 19 23:43:14 2018 (r335395) @@ -61,7 +61,7 @@ static const char rcsid[] = * validation check: there are 664579 primes between 0 and 10^7 */ -#include <sys/capsicum.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <err.h> #include <errno.h> @@ -104,7 +104,7 @@ main(int argc, char *argv[]) /* Cache NLS data, for strerror, for err(3), before cap_enter. */ (void)catopen("libc", NL_CAT_LOCALE); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "cap_enter"); while ((ch = getopt(argc, argv, "h")) != -1) Modified: head/usr.bin/printenv/printenv.c ============================================================================== --- head/usr.bin/printenv/printenv.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/printenv/printenv.c Tue Jun 19 23:43:14 2018 (r335395) @@ -69,7 +69,7 @@ main(int argc, char *argv[]) size_t len; int ch; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); while ((ch = getopt(argc, argv, "")) != -1) Modified: head/usr.bin/rwho/rwho.c ============================================================================== --- head/usr.bin/rwho/rwho.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/rwho/rwho.c Tue Jun 19 23:43:14 2018 (r335395) @@ -51,6 +51,7 @@ __FBSDID("$FreeBSD$"); #include <protocols/rwhod.h> +#include <capsicum_helpers.h> #include <dirent.h> #include <err.h> #include <errno.h> @@ -136,7 +137,7 @@ main(int argc, char *argv[]) */ (void) time(&ct); (void) localtime(&ct); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "cap_enter"); (void) time(&now); cap_rights_init(&rights, CAP_READ); Modified: head/usr.bin/tee/tee.c ============================================================================== --- head/usr.bin/tee/tee.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/tee/tee.c Tue Jun 19 23:43:14 2018 (r335395) @@ -109,7 +109,7 @@ main(int argc, char *argv[]) } else add(fd, *argv); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(EXIT_FAILURE, "unable to enter capability mode"); while ((rval = read(STDIN_FILENO, buf, BSIZE)) > 0) for (p = head; p; p = p->next) { Modified: head/usr.bin/tr/tr.c ============================================================================== --- head/usr.bin/tr/tr.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/tr/tr.c Tue Jun 19 23:43:14 2018 (r335395) @@ -84,7 +84,7 @@ main(int argc, char **argv) if (caph_limit_stdio() == -1) err(1, "unable to limit stdio"); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); Cflag = cflag = dflag = sflag = 0; Modified: head/usr.bin/uniq/uniq.c ============================================================================== --- head/usr.bin/uniq/uniq.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/uniq/uniq.c Tue Jun 19 23:43:14 2018 (r335395) @@ -48,6 +48,7 @@ static const char rcsid[] = #include <sys/capsicum.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <err.h> #include <errno.h> @@ -177,7 +178,7 @@ main (int argc, char *argv[]) } strerror_init(); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); prevbuflen = thisbuflen = 0; Modified: head/usr.bin/units/units.c ============================================================================== --- head/usr.bin/units/units.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/units/units.c Tue Jun 19 23:43:14 2018 (r335395) @@ -33,7 +33,7 @@ static const char rcsid[] = #include <string.h> #include <unistd.h> -#include <sys/capsicum.h> +#include <capsicum_helpers.h> #ifndef UNITSFILE #define UNITSFILE "/usr/share/misc/definitions.units" @@ -819,7 +819,7 @@ main(int argc, char **argv) readunits(NULL); if (optind == argc - 2) { - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); havestr = argv[optind]; @@ -843,7 +843,7 @@ main(int argc, char **argv) if (inhistory == 0) err(1, "Could not initialize history"); - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "unable to enter capability mode"); if (!quiet) Modified: head/usr.bin/write/write.c ============================================================================== --- head/usr.bin/write/write.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/write/write.c Tue Jun 19 23:43:14 2018 (r335395) @@ -137,7 +137,7 @@ main(int argc, char **argv) login = "???"; } - if (cap_enter() < 0 && errno != ENOSYS) + if (caph_enter() < 0) err(1, "cap_enter"); while (getopt(argc, argv, "") != -1) Modified: head/usr.bin/yes/yes.c ============================================================================== --- head/usr.bin/yes/yes.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.bin/yes/yes.c Tue Jun 19 23:43:14 2018 (r335395) @@ -60,7 +60,7 @@ main(int argc, char **argv) size_t more; ssize_t ret; - if (caph_limit_stdio() < 0 || (cap_enter() < 0 && errno != ENOSYS)) + if (caph_limit_stdio() < 0 || caph_enter() < 0) err(1, "capsicum"); if (argc > 1) { Modified: head/usr.sbin/bhyve/bhyverun.c ============================================================================== --- head/usr.sbin/bhyve/bhyverun.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.sbin/bhyve/bhyverun.c Tue Jun 19 23:43:14 2018 (r335395) @@ -1114,7 +1114,7 @@ main(int argc, char *argv[]) if (caph_limit_stdout() == -1 || caph_limit_stderr() == -1) errx(EX_OSERR, "Unable to apply rights for sandbox"); - if (cap_enter() == -1 && errno != ENOSYS) + if (caph_enter() == -1) errx(EX_OSERR, "cap_enter() failed"); #endif Modified: head/usr.sbin/rwhod/rwhod.c ============================================================================== --- head/usr.sbin/rwhod/rwhod.c Tue Jun 19 23:40:42 2018 (r335394) +++ head/usr.sbin/rwhod/rwhod.c Tue Jun 19 23:43:14 2018 (r335395) @@ -63,6 +63,7 @@ __FBSDID("$FreeBSD$"); #include <protocols/rwhod.h> #include <ctype.h> +#include <capsicum_helpers.h> #include <err.h> #include <errno.h> #include <fcntl.h> @@ -372,7 +373,7 @@ receiver_process(void) syslog(LOG_WARNING, "cap_rights_limit: %m"); exit(1); } - if (cap_enter() < 0 && errno != ENOSYS) { + if (caph_enter() < 0) { syslog(LOG_ERR, "cap_enter: %m"); exit(1); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201806192343.w5JNhEBj007865>