Date:      Mon, 24 Nov 2025 14:29:08 +0000
From:      Mark Johnston <markj@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: b0c7eaf83d21 - main - bhyve/slirp: Drop privileges before entering capability mode
Message-ID:  <69246bb4.2d0b5.1f05f590@gitrepo.freebsd.org>

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=b0c7eaf83d21bbc333e247ab9e136965b3ca54ed

commit b0c7eaf83d21bbc333e247ab9e136965b3ca54ed
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-11-24 14:15:27 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-11-24 14:28:42 +0000

    bhyve/slirp: Drop privileges before entering capability mode
    
    When in restricted mode, the slirp-helper process enters a capsicum
    sandbox, after which we cannot look up the uid for the "nobody" user.
    Reverse the order.
    
    Reported by:    kp
    Fixes:  0e62ebd20172 ("bhyve: Move the slirp backend out into a separate process")
---
 usr.sbin/bhyve/slirp/slirp-helper.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/usr.sbin/bhyve/slirp/slirp-helper.c b/usr.sbin/bhyve/slirp/slirp-helper.c
index ee62dd212369..06f393aab724 100644
--- a/usr.sbin/bhyve/slirp/slirp-helper.c
+++ b/usr.sbin/bhyve/slirp/slirp-helper.c
@@ -547,6 +547,11 @@ main(int argc, char **argv)
 
 	priv.slirp = slirp;
 
+	/*
+	 * Drop root privileges if we have them.
+	 */
+	drop_privs();
+
 	/*
 	 * In restricted mode, we can enter a Capsicum sandbox without losing
 	 * functionality.
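Review bot: The comment added above drop_privs() ("Drop root privileges if we have them.") does not record why the call has to come before caph_enter(), and that ordering is the entire fix. Per the commit message, the uid lookup for the "nobody" user cannot be done once the process is in the Capsicum sandbox. Suggest extending the comment to say that drop_privs() must run before caph_enter() for that reason, so a later cleanup does not move the two calls back into the old order.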
@@ -554,11 +559,6 @@ main(int argc, char **argv)
 	if (restricted && caph_enter() != 0)
 		err(1, "caph_enter");
 
-	/*
-	 * Drop root privileges if we have them.
-	 */
-	drop_privs();
-
 	/*
 	 * Enter our main loop.  If bhyve goes away, we should observe a hangup
 	 * on the socket and exit.
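Review bot: Nothing in the lines around the caph_enter() check confirms that the privilege drop actually succeeded before the main loop is entered. drop_privs() is called with no return value checked, while the caph_enter() failure right next to it is handled with err(1, "caph_enter"). The definition of drop_privs() is not visible in this diff, so please confirm it terminates the process when the "nobody" lookup or the uid change fails, rather than returning and leaving the helper running as root. If it already does, a short note in the comment would make that clear at the call site.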

