The rpc library needs read access to the rpc database in
/etc/rpc. Other than that rpcinfo only uses AF_INET sockets.
With -b, rpcinfo(8) uses gethostbyaddr(3) to report hosts that
responded, so add "dns" pledge as well.
OK bluhm, miod
-/* $OpenBSD: rpcinfo.c,v 1.18 2024/08/12 06:19:24 florian Exp $ */
+/* $OpenBSD: rpcinfo.c,v 1.19 2024/08/16 16:00:30 florian Exp $ */
/*
* Copyright (c) 2010, Oracle America, Inc.
#include <errno.h>
#include <limits.h>
#include <arpa/inet.h>
+#include <err.h>
#define MAXHOSTLEN 256
function = NONE;
portnum = 0;
errflg = 0;
+
+ if (unveil("/etc/rpc", "r") == -1)
+ err(1, "unveil /");
+ if (unveil(NULL, NULL) == -1)
+ err(1, "unveil");
+
+ if (pledge("stdio inet dns rpath", NULL) == -1)
+ err(1, "pledge");
+
while ((c = getopt(argc, argv, "ptubdsn:")) != -1) {
switch (c) {