Hi,
This one was difficult to get since SIOCGIFRDOMAIN is checked in a loop inside
dispatch().
It needs "inet dns" for obvious reasons, then "route" because of the above.
Additionally if "-d" parameter (no_daemon) is NOT used then it will by default
run in the background and fire up a daemon(3) through routehandler() ->
go_daemon() codepath and it needs "proc" annotation.
It's only possible to do it after privdrop since up until then it does all the
nasty things with ioctl's that are not permitted by pledge.
Also, if it's placed here then all the reading/writing/creating files needed
were already handled before this happens and therefore doesn't seem to need
any other annotations than these and file handling is not needed at this point.
Any comments on this one?
Index: dhclient.c
===================================================================
RCS file: /cvs/src/sbin/dhclient/dhclient.c,v
retrieving revision 1.366
diff -u -p -u -r1.366 dhclient.c
--- dhclient.c 12 Nov 2015 18:46:14 -0000 1.366
+++ dhclient.c 30 Nov 2015 20:46:51 -0000
@@ -595,6 +595,14 @@ main(int argc, char *argv[])
endpwent();
+ if (no_daemon) {
+ if (pledge("stdio inet dns route", NULL) == -1)
+ error("pledge");
+ } else {
+ if (pledge("stdio inet dns route proc", NULL) == -1)
+ error("pledge");
+ }
+
setproctitle("%s", ifi->name);
time(&client->startup_time);
