Date: Tue, 2 Mar 2021 10:07:54 -0800 From: Conrad Meyer <cem@freebsd.org> To: FreeBSD-Current <freebsd-current@freebsd.org> Subject: Re: bhyve fopen failure Message-ID: <CAG6CVpUbAT1eY7mfhNJt%2BwERtmT-5POZCqNYNx7W32Bxjr8YYA@mail.gmail.com> In-Reply-To: <CAKAYmMK1b_9ShNFQm3HP--_F=dmWh_XR54PxF7Qbg2og0AgthA@mail.gmail.com> References: <CAKAYmMK1b_9ShNFQm3HP--_F=dmWh_XR54PxF7Qbg2og0AgthA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Chuck,
In capability mode (capsicum sandbox), files like this need to be opened
before bhyve enters sandboxed mode. (That=E2=80=99s =E2=80=98cap_enter()=
=E2=80=99.)
Best,
Conrad
On Tue, Mar 2, 2021 at 09:31 Chuck Tuffli <chuck@freebsd.org> wrote:
> I'm porting some code to bhyve and am getting a failure I don't
> understand. This is git as of af11c2029006 FWIW.
>
> The code in question is for an emulated device and looks like:
> dbg =3D fopen("/tmp/bhyve_ata.log", "w+");
> if (dbg =3D=3D NULL)
> perror("fopen");
>
> Running this fails with:
> fopen: Not permitted in capability mode
> Googling suggests this might be capsicum related. If so, what do I
> need to change to allow writes to a debug file?
>
> --chuck
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org=
"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpUbAT1eY7mfhNJt%2BwERtmT-5POZCqNYNx7W32Bxjr8YYA>