ref: 3bf89ed825835b574c3d1c7f640918e65aac488d
parent: 82bf19941ed8dc4626e8fb3c12b2f67d7d331093
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Thu Dec 22 16:55:56 EST 2016
auth/as: simplify further
--- a/sys/src/cmd/auth/as.c
+++ b/sys/src/cmd/auth/as.c
@@ -17,7 +17,6 @@
char *namespace = nil;
int becomeuser(char*);
-void initcap(void);
void
usage(void)
@@ -56,7 +55,6 @@
if(argc == 0)
usage();
- initcap();
if(becomeuser(argv[0]) < 0)
sysfatal("can't change uid for %s: %r", argv[0]);if(newns(argv[0], namespace) < 0)
@@ -70,19 +68,6 @@
}
/*
- * keep caphash fd open since opens of it could be disabled
- */
-static int caphashfd;
-
-void
-initcap(void)
-{- caphashfd = open("#¤/caphash", OCEXEC|OWRITE);- if(caphashfd < 0)
- fprint(2, "%s: opening #¤/caphash: %r", argv0);
-}
-
-/*
* create a change uid capability
*/
char*
@@ -93,8 +78,10 @@
char *key;
int nfrom, nto;
uchar hash[SHA1dlen];
+ int fd;
- if(caphashfd < 0)
+ fd = open("#¤/caphash", OCEXEC|OWRITE);+ if(fd < 0)
return nil;
/* create the capability */
@@ -113,10 +100,12 @@
/* give the kernel the hash */
key[-1] = '@';
- if(write(caphashfd, hash, SHA1dlen) < 0){+ if(write(fd, hash, SHA1dlen) < 0){+ close(fd);
free(cap);
return nil;
}
+ close(fd);
return cap;
}