CVSROOT: /cvs
Module name: src
Changes by: k...@cvs.openbsd.org 2019/04/18 15:58:59
Modified files:
sbin/pfctl : parse.y
Log message:
Fix table definition parsing as unprivileged user
revision 1.689 introduced warn_duplicate_tables() unconditionally, breaking
the parser on tables withs insufficient permissions to open pf(4):
$ echo 'table <t>' | pfctl -nf-
pfctl: pfr_get_tables: Bad file descriptor
So simply check whether pfctl is able to get the table list first. If not,
instead of silently avoiding namespace collision checks, print a brief
notice iff `-v' is given to help finding duplicate definitions by hand:
$ echo 'table <t>' | ./obj/pfctl -vnf-
table <t>
stdin:1: skipping duplicate table checks for <t>
Reported by Rivo Nurges, thanks!
OK benno sashan
