CVSROOT: /cvs
Module name: src
Changes by: yasu...@cvs.openbsd.org 2011/07/08 00:14:54
Modified files:
usr.sbin/npppd/common: ipsec_util_local.h
usr.sbin/npppd/npppd: npppd.c npppd_local.h pathnames.h
privsep.c privsep.h
Log message:
Improved npppd privileged separations:
- Changed finalizing way to the privileged process. In old way, the
privileged process could not aware abnormal exit of the process in
jail. Then the processes in jail remained as zombies. Created a
pipe to monitor the privileged process, the privileged process can
exit in peace by using the pipe.
- npppd will exit abnormally when the privileged process exits
abnormally.
- PF_KEY socket requires privileges.
- Return correct "errno" to the jail in priv_open().
- Cleanup.
ok hsuenaga@
