reads OK for me as well
On 10:28 Sat 03 Nov , Claudio Jeker wrote:
> On Sat, Nov 03, 2018 at 10:24:23AM +0100, Remi Locherer wrote:
> > On Tue, Oct 30, 2018 at 05:31:04PM +0000, Ricardo Mestre wrote:
> > > clearly an oversight due to looking at too many daemons at the same
> > > time. since the only thing ripd needs to do is unlink the socket I think
> > > we can remove control_cleanup, even though I'd rather do this
> > > introducing pledge, but for now it's a great compromise.
> > >
> >
> > In addition to your diff this pledges the rde and ripe.
> >
> > OK?
>
> Reads OK. Not sure about the ripe pledge but looking at ospfd I think it
> should be right. Can't test right now.
>
> > Index: control.c
> > ===================================================================
> > RCS file: /cvs/src/usr.sbin/ripd/control.c,v
> > retrieving revision 1.25
> > diff -u -p -r1.25 control.c
> > --- control.c 17 Jan 2017 22:10:56 -0000 1.25
> > +++ control.c 3 Nov 2018 09:11:39 -0000
> > @@ -100,14 +100,6 @@ control_listen(void)
> > return (0);
> > }
> >
> > -void
> > -control_cleanup(char *path)
> > -{
> > - event_del(&control_state.ev);
> > - event_del(&control_state.evt);
> > - unlink(path);
> > -}
> > -
> > /* ARGSUSED */
> > void
> > control_accept(int listenfd, short event, void *bula)
> > Index: control.h
> > ===================================================================
> > RCS file: /cvs/src/usr.sbin/ripd/control.h,v
> > retrieving revision 1.5
> > diff -u -p -r1.5 control.h
> > --- control.h 2 Aug 2016 16:05:32 -0000 1.5
> > +++ control.h 3 Nov 2018 09:11:20 -0000
> > @@ -39,6 +39,5 @@ int control_listen(void);
> > void control_accept(int, short, void *);
> > void control_dispatch_imsg(int, short, void *);
> > int control_imsg_relay(struct imsg *);
> > -void control_cleanup(char *);
> >
> > #endif /* _CONTROL_H_ */
> > Index: rde.c
> > ===================================================================
> > RCS file: /cvs/src/usr.sbin/ripd/rde.c,v
> > retrieving revision 1.21
> > diff -u -p -r1.21 rde.c
> > --- rde.c 3 Sep 2016 10:28:08 -0000 1.21
> > +++ rde.c 3 Nov 2018 07:38:41 -0000
> > @@ -109,6 +109,9 @@ rde(struct ripd_conf *xconf, int pipe_pa
> > setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
> > fatal("can't drop privileges");
> >
> > + if (pledge("stdio", NULL) == -1)
> > + fatal("pledge");
> > +
> > event_init();
> >
> > /* setup signal handler */
> > Index: ripd.c
> > ===================================================================
> > RCS file: /cvs/src/usr.sbin/ripd/ripd.c,v
> > retrieving revision 1.30
> > diff -u -p -r1.30 ripd.c
> > --- ripd.c 3 Sep 2016 10:28:08 -0000 1.30
> > +++ ripd.c 3 Nov 2018 09:14:38 -0000
> > @@ -211,6 +211,11 @@ main(int argc, char *argv[])
> > rde_pid = rde(conf, pipe_parent2rde, pipe_ripe2rde, pipe_parent2ripe);
> > ripe_pid = ripe(conf, pipe_parent2ripe, pipe_ripe2rde, pipe_parent2rde);
> >
> > + if (unveil("/", "") == -1)
> > + fatal("unveil");
> > + if (unveil(NULL, NULL) == -1)
> > + fatal("unveil");
> > +
> > event_init();
> >
> > /* setup signal handler */
> > @@ -276,7 +281,6 @@ ripd_shutdown(void)
> > if_del(i);
> > }
> >
> > - control_cleanup(conf->csock);
> > kr_shutdown();
> >
> > log_debug("waiting for children to terminate");
> > Index: ripe.c
> > ===================================================================
> > RCS file: /cvs/src/usr.sbin/ripd/ripe.c,v
> > retrieving revision 1.22
> > diff -u -p -r1.22 ripe.c
> > --- ripe.c 3 Sep 2016 10:28:08 -0000 1.22
> > +++ ripe.c 3 Nov 2018 09:07:24 -0000
> > @@ -196,6 +196,9 @@ ripe(struct ripd_conf *xconf, int pipe_p
> > iface->name);
> > }
> >
> > + if (pledge("stdio inet mcast", NULL) == -1)
> > + fatal("pledge");
> > +
> > evtimer_set(&oeconf->report_timer, report_timer, oeconf);
> > start_report_timer();
> >
>
> --
> :wq Claudio
