That looks good. Do others using sensorsd concur?
Anton Borowka <[email protected]> wrote: > sensorsd(8) currently only unveils /etc/sensorsd.conf for reading, but > the config file can be changed with the -f option (which is currently > not working). > > The patch moves unveil and pledge after the options handling and unveils > the determined configfile. > > Index: usr.sbin/sensorsd/sensorsd.c > =================================================================== > RCS file: /cvs/src/usr.sbin/sensorsd/sensorsd.c,v > retrieving revision 1.63 > diff -u -p -u -r1.63 sensorsd.c > --- usr.sbin/sensorsd/sensorsd.c 10 Dec 2018 13:35:54 -0000 1.63 > +++ usr.sbin/sensorsd/sensorsd.c 15 May 2019 17:18:21 -0000 > @@ -114,14 +114,6 @@ main(int argc, char *argv[]) > int ch, check_period = CHECK_PERIOD; > const char *errstr; > > - if (unveil("/etc/sensorsd.conf", "r") == -1) > - err(1, "unveil"); > - if (unveil("/", "x") == -1) > - err(1, "unveil"); > - > - if (pledge("stdio rpath proc exec", NULL) == -1) > - err(1, "pledge"); > - > while ((ch = getopt(argc, argv, "c:df:")) != -1) { > switch (ch) { > case 'c': > @@ -148,14 +140,23 @@ main(int argc, char *argv[]) > if (argc > 0) > usage(); > > - openlog("sensorsd", LOG_PID | LOG_NDELAY, LOG_DAEMON); > - > - create(); > - > if (configfile == NULL) > if (asprintf(&configfile, "/etc/sensorsd.conf") == -1) > err(1, "out of memory"); > + > + if (unveil(configfile, "r") == -1) > + err(1, "unveil"); > + if (unveil("/", "x") == -1) > + err(1, "unveil"); > + > + if (pledge("stdio rpath proc exec", NULL) == -1) > + err(1, "pledge"); > + > parse_config(configfile); > + > + openlog("sensorsd", LOG_PID | LOG_NDELAY, LOG_DAEMON); > + > + create(); > > if (debug == 0 && daemon(0, 0) == -1) > err(1, "unable to fork"); >
