privsep: Fold capsicum and pledge entry points into ps_entersandbox

author: Roy Marples <roy@marples.name> 2020-09-19 18:58:52 +0100
committer: Roy Marples <roy@marples.name> 2020-09-19 18:58:52 +0100
commit: 7a83026997582f5ec23a292dd0b0a4248bc1c141 (patch)
tree: 488c8a9cb35fa67cf0543ad77deeb0a0952bb4bc /src/privsep.c
parent: 8f78bde8042dace0e0330a58d430a0c7c8a32199 (diff)
download: dhcpcd-7a83026997582f5ec23a292dd0b0a4248bc1c141.tar.xz
1 files changed, 23 insertions, 13 deletions
diff --git a/src/privsep.c b/src/privsep.c
index f92ef45b..1841fb36 100644
--- a/src/privsep.c
+++ b/src/privsep.c
@@ -490,6 +490,28 @@ started_net:
 }
 
 int
+ps_entersandbox(const char *_pledge)
+{
+
+#ifdef HAVE_CAPSICUM
+	if (cap_enter() == -1 && errno != ENOSYS) {
+		logerr("%s: cap_enter", __func__);
+		return -1;
+	}
+#endif
+#ifdef HAVE_PLEDGE
+	if (pledge(_pledge, NULL) == -1) {
+		logerr("%s: pledge", __func__);
+		return -1;
+	}
+#else
+	UNUSED(_pledge);
+#endif
+
+	return 0;
+}
+
+int
 ps_mastersandbox(struct dhcpcd_ctx *ctx)
 {
 
@@ -508,20 +530,8 @@ ps_mastersandbox(struct dhcpcd_ctx *ctx)
 		return -1;
 	}
 #endif
-#ifdef HAVE_CAPSICUM
-	if (cap_enter() == -1 && errno != ENOSYS) {
-		logerr("%s: cap_enter", __func__);
-		return -1;
-	}
-#endif
-#ifdef HAVE_PLEDGE
-	if (pledge("stdio route", NULL) == -1) {
-		logerr("%s: pledge", __func__);
-		return -1;
-	}
-#endif
 
-	return 0;
+	return ps_entersandbox("stdio route");
 }
 
 int
author	Roy Marples <roy@marples.name>	2020-09-19 18:58:52 +0100
committer	Roy Marples <roy@marples.name>	2020-09-19 18:58:52 +0100
commit	7a83026997582f5ec23a292dd0b0a4248bc1c141 (patch)
tree	488c8a9cb35fa67cf0543ad77deeb0a0952bb4bc /src/privsep.c
parent	8f78bde8042dace0e0330a58d430a0c7c8a32199 (diff)
download	dhcpcd-7a83026997582f5ec23a292dd0b0a4248bc1c141.tar.xz