FreeBSD: Revert caph_enter(3) call to cap_enter(2)

caph_enter(3) is the same as cap_enter(2) except that it returns
success even if the kernel does not support capability mode. Since
we only enter capability mode when explicitly requested by the
restrict option, it should fail loudly if it is not supported. On
the other hand, we make calls to caph_rights_limit(3) and friends
in some places regardless of whether we actually enter capability
mode (to keep the code simple), so those should continue to succeed
even if capability mode is not supported.
master
C. McEnroe 2021-07-20 13:25:04 -04:00
parent 347e2b461f
commit d9388fa2a8
1 changed files with 2 additions and 2 deletions

4
chat.c
View File

@ -201,8 +201,8 @@ static void sandboxLate(int irc) {
caph_cache_tzdata();
gmtime(&(time_t) { time(NULL) });
error = caph_enter();
if (error) err(EX_OSERR, "caph_enter");
error = cap_enter();
if (error) err(EX_OSERR, "cap_enter");
}
#else