privsep: Disable RLIMIT_FSIZE when using the logfile option

We cannot offload it to the root process either because not all sandboxes have access to that..... Really need to fix syslog so that it starts before dhcpcd.
author: Roy Marples <roy@marples.name> 2020-06-10 07:04:29 +0100
committer: Roy Marples <roy@marples.name> 2020-06-10 07:04:29 +0100
commit: 465558f429c881d4fe5f818d09c00847e8399c94 (patch)
tree: 6d8a6f8e9ecfec8284d143ba9737fd6c9fdb8871 /src/privsep.c
parent: ebae898cfe5a4eaf0ee8b46d978bd217e336eb55 (diff)
download: dhcpcd-465558f429c881d4fe5f818d09c00847e8399c94.tar.xz
1 files changed, 10 insertions, 4 deletions
diff --git a/src/privsep.c b/src/privsep.c
index a29c1da6..ec8e4cc1 100644
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -164,10 +164,16 @@ ps_dropprivs(struct dhcpcd_ctx *ctx)
 	}
 
 #if !defined(HAVE_CAPSICUM) && !defined(HAVE_PLEDGE)
-	/* Prohibit large files */
-	if (setrlimit(RLIMIT_FSIZE, &rzero) == -1) {
-		logerr("setrlimit RLIMIT_FSIZE");
-		return -1;
+	/*
+	 * Prohibit large files
+	 * Cannot offload this to the privilged actioneer because
+	 * only the master process has access to it.
+	 */
+	if (ctx->logfile == NULL) {
+		if (setrlimit(RLIMIT_FSIZE, &rzero) == -1) {
+			logerr("setrlimit RLIMIT_FSIZE");
+			return -1;
+		}
 	}
 #endif
author	Roy Marples <roy@marples.name>	2020-06-10 07:04:29 +0100
committer	Roy Marples <roy@marples.name>	2020-06-10 07:04:29 +0100
commit	465558f429c881d4fe5f818d09c00847e8399c94 (patch)
tree	6d8a6f8e9ecfec8284d143ba9737fd6c9fdb8871 /src/privsep.c
parent	ebae898cfe5a4eaf0ee8b46d978bd217e336eb55 (diff)
download	dhcpcd-465558f429c881d4fe5f818d09c00847e8399c94.tar.xz