bhyve/slirp: Drop privileges before entering capability mode
When in restricted mode, the slirp-helper process enters a capsicum
sandbox, after which we cannot look up the uid for the "nobody" user.
Reverse the order.
Reported by: kp
Fixes: 0e62ebd201 ("bhyve: Move the slirp backend out into a separate process")
@@ -547,6 +547,11 @@ main(int argc, char **argv)
priv.slirp = slirp;
/*
* Drop root privileges if we have them.
*/
drop_privs();
/*
* In restricted mode, we can enter a Capsicum sandbox without losing
* functionality.
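Review bot: The reorder is correct and the new position is safe: the only lines between the moved drop_privs() and the caph_enter() call in the next hunk are the "In restricted mode" comment block, so nothing that still needs root runs after privileges are dropped, and entering the Capsicum sandbox itself requires no privilege. The comment at the new call site only says "Drop root privileges if we have them"; since the commit message explains that the sandbox blocks the uid lookup for "nobody", stating that constraint in the comment (e.g. "must run before caph_enter(): the sandbox forbids the passwd lookup") would keep a future cleanup from moving it back.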
@@ -554,11 +559,6 @@ main(int argc, char **argv)
if (restricted && caph_enter() != 0)
err(1, "caph_enter");
/*
* Drop root privileges if we have them.
*/
drop_privs();
/*
* Enter our main loop. If bhyve goes away, we should observe a hangup
* on the socket and exit.
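Review bot: Removing the drop_privs() block here is the right half of the fix, and the surrounding blank lines still leave a single separator between err(1, "caph_enter") and the main-loop comment, so the layout stays clean. One thing worth adding is a short note next to the "In restricted mode, we can enter a Capsicum sandbox without losing functionality" comment that privileges have already been dropped at this point; the dependency between the two steps is otherwise only recorded in the commit message.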