From: millert <millert@openbsd.org>
Date: Wed, 14 Oct 2015 22:34:47 +0000 (+0000)
Subject: Add a dummy "flock" request that will allow file locking.  It is
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=5929c5d03da275ae0da509ebdc9fd41f0e047078;p=openbsd

Add a dummy "flock" request that will allow file locking.  It is
not currently enforced but we want the kernel to be able to parse
it for an upcoming diff in the next few days.
---

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index b37f95ab73c..0fcd9f6e019 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.25 2015/10/14 14:24:03 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.26 2015/10/14 22:34:47 millert Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -224,8 +224,7 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
 	[SYS_setsockopt] = PLEDGE_INET | PLEDGE_UNIX,
 	[SYS_getsockopt] = PLEDGE_INET | PLEDGE_UNIX,
 
-	/* XXX getpw for the ypbind.lock; all other flock users have cpath */
-	[SYS_flock] = PLEDGE_GETPW | PLEDGE_CPATH,
+	[SYS_flock] = PLEDGE_RW | PLEDGE_CPATH,
 };
 
 static const struct {
@@ -254,6 +253,7 @@ static const struct {
 	{ "abort",		PLEDGE_ABORT },
 	{ "fattr",		PLEDGE_FATTR },
 	{ "prot_exec",		PLEDGE_PROTEXEC },
+	{ "flock",		PLEDGE_RW | PLEDGE_CPATH },
 };
 
 int