DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 16:35:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

sys: specify process context for dropping root

Browse Source 
Similarly to enabling the syscall filter, specify what kind of chronyd
process is dropping the root privileges.
This commit is contained in:
Miroslav Lichvar
2020-10-05 18:10:35 +02:00
parent 545d2563ef
commit a96d288027
12 changed files with 29 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sys_linux.c
View File

@@ -426,7 +426,7 @@ SYS_Linux_Finalise(void)
#ifdef FEAT_PRIVDROP
void
SYS_Linux_DropRoot(uid_t uid, gid_t gid, int clock_control)
SYS_Linux_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_control)
{
char cap_text[256];
cap_t cap;
@@ -480,7 +480,7 @@ void check_seccomp_applicability(void)
/* ================================================== */
void
SYS_Linux_EnableSystemCallFilter(int level, SYS_SystemCallContext context)
SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
{
const int syscalls[] = {
/* Clock */