From dc2c061acb8533dd25b43a984d303a6826c1d043 Mon Sep 17 00:00:00 2001
From: doug <doug@openbsd.org>
Date: Tue, 13 Oct 2015 07:10:38 +0000
Subject: [PATCH] Pledge "stdio rpath" requests for nologin.

ok deraadt@
"reads ok" semarie@
---
 sbin/nologin/nologin.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/sbin/nologin/nologin.c b/sbin/nologin/nologin.c
index e8bcc9c76f0..a01f4211c4c 100644
--- a/sbin/nologin/nologin.c
+++ b/sbin/nologin/nologin.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: nologin.c,v 1.5 2003/07/10 00:00:58 david Exp $	*/
+/*	$OpenBSD: nologin.c,v 1.6 2015/10/13 07:10:38 doug Exp $	*/
 
 /*
  * Copyright (c) 1997, Jason Downs.  All rights reserved.
@@ -26,6 +26,7 @@
  */
 
 #include <sys/types.h>
+#include <err.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -38,12 +39,16 @@
 #define DEFAULT_MESG	"This account is currently not available.\n"
 
 /*ARGSUSED*/
-int main(int argc, char *argv[])
+int
+main(int argc, char *argv[])
 {
 	int nfd;
 	ssize_t nrd;
 	char nbuf[BUFSIZ];
 
+	if (pledge("stdio rpath", NULL) == -1)
+		err(1, "pledge");
+
 	nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY);
 	if (nfd < 0) {
 		write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG));
-- 
2.20.1