The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=b0c7eaf83d21bbc333e247ab9e136965b3ca54ed

commit b0c7eaf83d21bbc333e247ab9e136965b3ca54ed
Author: Mark Johnston <[email protected]>
AuthorDate: 2025-11-24 14:15:27 +0000
Commit: Mark Johnston <[email protected]>
CommitDate: 2025-11-24 14:28:42 +0000

    bhyve/slirp: Drop privileges before entering capability mode

    When in restricted mode, the slirp-helper process enters a capsicum
    sandbox, after which we cannot look up the uid for the "nobody" user.
    Reverse the order.

    Reported by: kp
    Fixes: 0e62ebd20172 ("bhyve: Move the slirp backend out into a separate process")

--- usr.sbin/bhyve/slirp/slirp-helper.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/usr.sbin/bhyve/slirp/slirp-helper.c b/usr.sbin/bhyve/slirp/slirp-helper.c index ee62dd212369..06f393aab724 100644 --- a/usr.sbin/bhyve/slirp/slirp-helper.c +++ b/usr.sbin/bhyve/slirp/slirp-helper.c @@ -547,6 +547,11 @@ main(int argc, char **argv) priv.slirp = slirp; + /* + * Drop root privileges if we have them. + */ + drop_privs(); + /* * In restricted mode, we can enter a Capsicum sandbox without losing * functionality. @@ -554,11 +559,6 @@ main(int argc, char **argv) if (restricted && caph_enter() != 0) err(1, "caph_enter"); - /* - * Drop root privileges if we have them. - */ - drop_privs(); - /* * Enter our main loop. If bhyve goes away, we should observe a hangup * on the socket and exit.
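
Review bot: In the first hunk (-547,6 +547,11), the outcome of drop_privs() is not checked at the call site, while the caph_enter() call directly below it fails hard with err(1, "caph_enter"). The bug being fixed was a uid lookup for "nobody" that could not succeed, so it is worth confirming that drop_privs() terminates the process itself when the lookup or the uid change fails. If it does not, have it return a status and check it here with err(), so the helper can never reach the main loop still running as root.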
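
Review bot: In the second hunk (-554,11 +559,6), nothing in the source records the ordering requirement that this commit establishes. The comment above caph_enter() only says the sandbox costs no functionality in restricted mode, and the moved comment still reads "Drop root privileges if we have them." Suggest adding a sentence to one of the two comments saying that drop_privs() must run before caph_enter() because the uid for "nobody" cannot be looked up in capability mode, so a later reshuffle of main() does not reintroduce the problem.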
