On Fri, Mar 19, 2021 at 10:02:26AM +0100, Claudio Jeker wrote:
> rpki-client is currently not able to to load relative tal files via -t
> option. The problem is that the chdir to the cache directory happens
> before the tal files are loaded. Move the fchdir down so relative path
> work when queue_add_tal() is called. Also make sure that the rsync and
> parser process chdir to the cachdir.
ok tb
>
> --
> :wq Claudio
>
> Index: main.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
> retrieving revision 1.120
> diff -u -p -r1.120 main.c
> --- main.c 18 Mar 2021 14:05:44 -0000 1.120
> +++ main.c 19 Mar 2021 08:53:47 -0000
> @@ -962,10 +962,6 @@ main(int argc, char *argv[])
> if (talsz == 0)
> err(1, "no TAL files found in %s", "/etc/rpki");
>
> - /* change working directory to the cache directory */
> - if (fchdir(cachefd) == -1)
> - err(1, "fchdir");
> -
> /*
> * Create the file reader as a jailed child process.
> * It will be responsible for reading all of the files (ROAs,
> @@ -980,6 +976,10 @@ main(int argc, char *argv[])
> if (procpid == 0) {
> close(fd[1]);
>
> + /* change working directory to the cache directory */
> + if (fchdir(cachefd) == -1)
> + err(1, "fchdir");
> +
> /* Only allow access to the cache directory. */
> if (unveil(".", "r") == -1)
> err(1, "%s: unveil", cachedir);
> @@ -1009,6 +1009,10 @@ main(int argc, char *argv[])
> close(proc);
> close(fd[1]);
>
> + /* change working directory to the cache directory */
> + if (fchdir(cachefd) == -1)
> + err(1, "fchdir");
> +
> if (pledge("stdio rpath proc exec unveil", NULL) == -1)
> err(1, "pledge");
>
> @@ -1086,6 +1090,10 @@ main(int argc, char *argv[])
>
> for (i = 0; i < talsz; i++)
> queue_add_tal(tals[i]);
> +
> + /* change working directory to the cache directory */
> + if (fchdir(cachefd) == -1)
> + err(1, "fchdir");
>
> while (entity_queue > 0 && !killme) {
> pfd[0].events = POLLIN;
>
