From ccfdfa3ecdd10a03be4b86e0b0c1b7915b5e49f3 Mon Sep 17 00:00:00 2001 From: ajacoutot <> Date: Mon, 13 Aug 2012 10:10:07 +0000 Subject: [PATCH] unset _rcflags and _rcuser so that they don't get inherited by rc.d(8) scripts; from robert at peichaer dot org ok halex@ While here, put the "sanitation" commands in their own block. --- src/etc/rc.d/rc.subr | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/etc/rc.d/rc.subr b/src/etc/rc.d/rc.subr index b70bcefc..a5d7a971 100644 --- a/src/etc/rc.d/rc.subr +++ b/src/etc/rc.d/rc.subr @@ -1,4 +1,4 @@ -# $OpenBSD: rc.subr,v 1.61 2012/08/13 08:08:00 ajacoutot Exp $ +# $OpenBSD: rc.subr,v 1.62 2012/08/13 10:10:07 ajacoutot Exp $ # # Copyright (c) 2010, 2011 Antoine Jacoutot # Copyright (c) 2010, 2011 Ingo Schwarze @@ -203,8 +203,11 @@ getcap -f /etc/login.conf ${_name} 1>/dev/null 2>&1 && \ [ -n "${_rcflags}" ] && daemon_flags=${_rcflags} [ -n "${_rcuser}" ] && daemon_user=${_rcuser} +# sanitize daemon_flags=$(printf ' %s' ${daemon_flags}) daemon_flags=${daemon_flags## } +readonly daemon_class +unset _rcflags _rcuser + pexp="${daemon}${daemon_flags:+ ${daemon_flags}}" rcexec="su -l -c ${daemon_class} -s /bin/sh ${daemon_user} -c" -readonly daemon_class