privsep: Remove pledges inet and dns from the master process

Achieved by adding IPC to ignore interfaces names based on the interface group. This means every process just pledges stdio for IPC which the exception of the master process which also pledges route so it can access the routing table.
author: Roy Marples <roy@marples.name> 2020-06-05 11:12:21 +0100
committer: Roy Marples <roy@marples.name> 2020-06-05 11:12:21 +0100
commit: 14af21e525d20018c73466f4c90afc3c4c2567fc (patch)
tree: ce9774419ef10a2842ee505c360d13e54c645bf1 /src/privsep-root.h
parent: d8abf7196114e205e2b6a6318111ea4b3f948668 (diff)
download: dhcpcd-14af21e525d20018c73466f4c90afc3c4c2567fc.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/privsep-root.h b/src/privsep-root.h
index a8e34227..371431bf 100644
--- a/src/privsep-root.h
+++ b/src/privsep-root.h
@@ -54,6 +54,7 @@ ssize_t ps_root_ioctllink(struct dhcpcd_ctx *, unsigned long, void *, size_t);
 ssize_t ps_root_ioctl6(struct dhcpcd_ctx *, unsigned long, void *, size_t);
 ssize_t ps_root_indirectioctl(struct dhcpcd_ctx *, unsigned long, const char *,
     void *, size_t);
+ssize_t ps_root_ifignoregroup(struct dhcpcd_ctx *, const char *);
 #endif
 #ifdef __linux__
 ssize_t ps_root_sendnetlink(struct dhcpcd_ctx *, int, struct msghdr *);
author	Roy Marples <roy@marples.name>	2020-06-05 11:12:21 +0100
committer	Roy Marples <roy@marples.name>	2020-06-05 11:12:21 +0100
commit	14af21e525d20018c73466f4c90afc3c4c2567fc (patch)
tree	ce9774419ef10a2842ee505c360d13e54c645bf1 /src/privsep-root.h
parent	d8abf7196114e205e2b6a6318111ea4b3f948668 (diff)
download	dhcpcd-14af21e525d20018c73466f4c90afc3c4c2567fc.tar.xz