On 2019/05/15 18:11, Theo de Raadt wrote: > That looks good. > > Do others using sensorsd concur?
Yes. > Anton Borowka <[email protected]> wrote: > > > sensorsd(8) currently only unveils /etc/sensorsd.conf for reading, but > > the config file can be changed with the -f option (which is currently > > not working). > > > > The patch moves unveil and pledge after the options handling and unveils > > the determined configfile. > > > > Index: usr.sbin/sensorsd/sensorsd.c > > =================================================================== > > RCS file: /cvs/src/usr.sbin/sensorsd/sensorsd.c,v > > retrieving revision 1.63 > > diff -u -p -u -r1.63 sensorsd.c > > --- usr.sbin/sensorsd/sensorsd.c 10 Dec 2018 13:35:54 -0000 1.63 > > +++ usr.sbin/sensorsd/sensorsd.c 15 May 2019 17:18:21 -0000 > > @@ -114,14 +114,6 @@ main(int argc, char *argv[]) > > int ch, check_period = CHECK_PERIOD; > > const char *errstr; > > > > - if (unveil("/etc/sensorsd.conf", "r") == -1) > > - err(1, "unveil"); > > - if (unveil("/", "x") == -1) > > - err(1, "unveil"); > > - > > - if (pledge("stdio rpath proc exec", NULL) == -1) > > - err(1, "pledge"); > > - > > while ((ch = getopt(argc, argv, "c:df:")) != -1) { > > switch (ch) { > > case 'c': > > @@ -148,14 +140,23 @@ main(int argc, char *argv[]) > > if (argc > 0) > > usage(); > > > > - openlog("sensorsd", LOG_PID | LOG_NDELAY, LOG_DAEMON); > > - > > - create(); > > - > > if (configfile == NULL) > > if (asprintf(&configfile, "/etc/sensorsd.conf") == -1) > > err(1, "out of memory"); > > + > > + if (unveil(configfile, "r") == -1) > > + err(1, "unveil"); > > + if (unveil("/", "x") == -1) > > + err(1, "unveil"); > > + > > + if (pledge("stdio rpath proc exec", NULL) == -1) > > + err(1, "pledge"); > > + > > parse_config(configfile); > > + > > + openlog("sensorsd", LOG_PID | LOG_NDELAY, LOG_DAEMON); > > + > > + create(); > > > > if (debug == 0 && daemon(0, 0) == -1) > > err(1, "unable to fork"); > > >
