From c976b47d41f921d0b5312e3d129d5daca2236c6d Mon Sep 17 00:00:00 2001 From: nicm Date: Thu, 4 Jun 2015 22:56:33 +0000 Subject: [PATCH] systrace(4) STRIOCATTACH can only fail for file(1) if it is already systraced. If so, silently ignore the error and do not attempt to apply our own systrace policy. From Patrick Keshishian. --- usr.bin/file/sandbox.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/usr.bin/file/sandbox.c b/usr.bin/file/sandbox.c index 597997a129d..af531962671 100644 --- a/usr.bin/file/sandbox.c +++ b/usr.bin/file/sandbox.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sandbox.c,v 1.7 2015/05/29 15:58:34 nicm Exp $ */ +/* $OpenBSD: sandbox.c,v 1.8 2015/06/04 22:56:33 nicm Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -130,7 +130,7 @@ sandbox_fork(const char *user) close(devfd); if (ioctl(fd, STRIOCATTACH, &pid) == -1) - err(1, "ioctl(STRIOCATTACH)"); + goto out; memset(&policy, 0, sizeof policy); policy.strp_op = SYSTR_POLICY_NEW; @@ -150,6 +150,7 @@ sandbox_fork(const char *user) err(1, "ioctl(STRIOCPOLICY/MODIFY)"); } +out: if (kill(pid, SIGCONT) != 0) err(1, "kill(SIGCONT)"); return (pid); -- 2.20.1