summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--listen.c41
1 files changed, 35 insertions, 6 deletions
diff --git a/listen.c b/listen.c
index 635e7c6..1df15e2 100644
--- a/listen.c
+++ b/listen.c
@@ -14,13 +14,17 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "bounce.h"
+
 #include <err.h>
 #include <errno.h>
+#include <limits.h>
 #include <netdb.h>
 #include <netinet/in.h>
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/un.h>
@@ -28,7 +32,9 @@
 #include <tls.h>
 #include <unistd.h>
 
-#include "bounce.h"
+#ifdef __FreeBSD__
+#include <sys/capsicum.h>
+#endif
 
 static struct tls *server;
 
@@ -109,6 +115,13 @@ size_t listenBind(int fds[], size_t cap, const char *host, const char *port) {
 }
 
 static bool unix;
+static int unixDir = -1;
+static char unixFile[PATH_MAX];
+
+static void unixUnlink(void) {
+	int error = unlinkat(unixDir, unixFile, 0);
+	if (error) warn("unlinkat");
+}
 
 size_t listenUnix(int fds[], size_t cap, const char *path) {
 	if (!cap) return 0;
@@ -122,13 +135,29 @@ size_t listenUnix(int fds[], size_t cap, const char *path) {
 	}
 	strncpy(addr.sun_path, path, sizeof(addr.sun_path));
 
-	// FIXME: unlinkat atexit.
-	int error = unlink(path);
-	if (error && errno != ENOENT) err(EX_UNAVAILABLE, "%s", path);
-
-	error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr));
+	int error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr));
 	if (error) err(EX_UNAVAILABLE, "%s", path);
 
+	char dir[PATH_MAX] = ".";
+	const char *base = strrchr(path, '/');
+	if (base) {
+		snprintf(dir, sizeof(dir), "%.*s", (int)(base - path), path);
+		base++;
+	} else {
+		base = path;
+	}
+	snprintf(unixFile, sizeof(unixFile), "%s", base);
+
+	unixDir = open(dir, O_DIRECTORY);
+	if (unixDir < 0) err(EX_UNAVAILABLE, "%s", dir);
+	atexit(unixUnlink);
+
+#ifdef __FreeBSD__
+	cap_rights_t rights;
+	error = cap_rights_limit(unixDir, cap_rights_init(&rights, CAP_UNLINKAT));
+	if (error) err(EX_OSERR, "cap_rights_limit");
+#endif
+
 	unix = true;
 	fds[0] = sock;
 	return 1;
td/> The reason I did this with pkgsrc was because I actually don't want the man(1) from mandoc, since it won't follow MANSECT. Same applies to MacPorts. I wish I could disable its man(1) with a variant or whatever. 2020-09-12Enable toc in cgit renderings of man pagesJune McEnroe But keep it disabled for READMEs since they always use non-standard sections and the TOC is just distracting there, I think. Also add the style so its h1 is the same size as the ones inside sections... 2020-09-11Install mandoc on macOSJune McEnroe 2020-09-11Rewrite install script yet againJune McEnroe 2020-09-11Remove NetBSD from install scriptJune McEnroe I never use it. 2020-09-11Use MacPorts rather than pkgsrcJune McEnroe My system is probably such a mess now... 2020-09-11Add debian VM name to sshJune McEnroe 2020-09-11Add influencer tweetJune McEnroe 2020-09-10Add The Kingdom of GodsJune McEnroe Reading has really slowed down :( 2020-09-07Add SunglassesJune McEnroe An IRC find. 2020-09-06Add Between the BreathsJune McEnroe One of those good songs from a soundtrack of a film that probably isn't? The summary sounds a lot more interesting than the title implies, at least. 2020-09-04Open /dev/tty in nudgeJune McEnroe This makes it work even when it's run connected to a pipe, i.e. as the notify command of catgirl... 2020-09-04Add nudgeJune McEnroe 2020-09-03Build fbclock with -lzJune McEnroe I guess this got lost somewhere, long ago... 2020-08-29Add tweets from retweetsJune McEnroe